Russian programmer revealed how he found a way to remove any videos on YouTube.
The demonstration equipment Camila Hismetallina posted on the Internet, shows that as soon as he copied part of the web address of the video, he will be able to use it, to remove the video in half a minute.
Instead of using a hack, he reported it to the parent company Google, which gave him a reward.
He was joking, but he had the temptation to wipe the music videos of Justin Bieber.
“I spent six or seven hours to study, given that the few hours I fought the urge to clear the channel Bieber, haha”, Hismetallin wrote.
“It was a Saturday morning in San Francisco, when I reported the problem security service Google, which responded very quickly, since this vulnerability in the wrong hands could create chaos in a few minutes.
“This vulnerability could possibly be used to extort from the people or just to disrupt YouTube, removing a large amount of video in a very short period of time.
” It was recorded in a few hours, and Google has rewarded me in the sum of $ 5,000, and fortunately no videos Bieber did not suffer “.
Hismetallin wrote that he found a lack of exploring YouTube Creator Studio – service that allows you to watch video creators analytical data clip, they downloaded through the app.
See also:
iPhone 6 Plus bend in the pocket video, the new iphone 6 easy to bend his arms
Apple Campus 2 new video
The tool allows any video clip to be removed, if you type in the ID of the event, which can be found at its web address, and a long series of letters and numbers, known as an authentication token, which is supposed to act in its own way as a password.
In the problem you found the programmer, was that the service accepts any character for collapsible request, instead of requesting data the person who uploaded the video.
This meant that Hismetallin could just copy the character in his own name and use it to remove videos of other users.
The developer said that he had spent time looking for weak spots in Google products after he had previously received from the company the amount of 1,337 $ .
The search giant gives such payments as part of a program to encourage people who have previously reported that are more disadvantages.
The scheme puts restrictions on future payments by limiting the generosity that Hismetallin received for the results.
“To be honest, I was expecting from $ 15,000 to $ 20,000,” he said.
“I wanted to write a sort of ‘complaint’ Google, but first I read their rules and realized that Google can not pay me more.
“Facebook has no limits for the maximum compensation so they can pay as much as they want”.
Inopressa today
Loading …
No comments:
Post a Comment