Set as Homepage - Add to Favorites

【female full frontal】

Source:Unobstructed Information Network Editor:Entertainment Time:2025-06-26 04:45:05

Google has fixed a security flaw that exposed the email addresses of YouTube users,female full frontal a potentially massive privacy breach.

Google — which owns YouTube — has confirmed that the vulnerabilities discovered by cybersecurity researchers, who go by Brutecat and Nathan, have been addressed, according to a report in BleepingComputer.

Aside from the breach of privacy that would've affected all YouTube accounts, many YouTubers like controversial content creators, investigators, whistleblowers, and activists keep their identities anonymous to protect their safety. Exposing such users' emails could have had huge ramifications.

You May Also Like
SEE ALSO: Google is reportedly developing a ‘fake’ email feature to help you avoid spam

Brutecat discovered that blocking a user on YouTube revealed a unique internal identifier Google uses for each user across all of its platforms (Gmail, Google Drive, etc.) called a Gaia ID. They then figured out that simply clicking the three dot icon of a user's live chat profile to access the block function triggered an API request that revealed their Gaia ID.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

This in itself is already a security flaw since it exposed the unique identifiers for YouTube accounts that is only meant to be used internally. But now that Brutecat was able to retrieve users' Gaia IDs, they set out to see if they could reveal the email addresses associated with each ID.

With Nathan's help, the two researchers surmised they could do this with "old forgotten Google products since they probably contained some bug or logic flaw to resolve a Gaia ID to an email." Using Google's Recorder app for Pixel devices, they tested sharing a recording with an obfuscated Gaia ID and blocked the user from receiving an email notification by renaming the file with a 2.5 million letter name, which broke the email notification system because it was too long.

Now that the hypothetical victim wouldn't be notified, the researchers sent the file sharing request with the Gaia IDs, effectively converting the ID into an email address.

Related Stories
  • Apple Maps follows Google, relabels Gulf of Mexico as America
  • Google: We're not participating in European fact-checking rules for Search or YouTube
  • YouTuber GamersNexus sues Honey over alleged scam

Thanks to Brutecat and Nathan's sleuthing, Google was able to lock down that vulnerability and prevent hackers from accessing everyone's email address associated with their YouTube accounts. The vulnerability was disclosed to Google in Sep. 2024 and was finally fixed on Feb. 9, 2025. That's a long time for potential exposure, but Google confirmed to BleepingComputer that there were "no signs that any attacker actively exploited the flaws."

In exchange for their work, the researchers received a cool $10,633. Phew, crisis averted.

Topics Cybersecurity YouTube

Previous:New MIT report reveals energy costs of AI tools like ChatGPT

Next:The 10 Most Anticipated PC Games of 2016

Related Articles
Related Recommendations
Categories
Latest Articles
Popular Articles
Hot Recommendations
Featured Column

Quick Links

Everything coming to Hulu in February 2019Vegans embrace the idea of changing the name of vegan cheese to 'Gary'Amazon rolls out Scout delivery robot to deliver packagesInstagram get hacked? Good luck getting it back.New allegations against Bryan Singer include sexually assaulting 13Microsoft includes NewsGuard fake news warnings in Edge browserNYC might actually eventually allow eIt looks like Donald Trump appeared in a soft core porn filmStop what you're doing and look at these 23 adorable giant panda cubsWe can expect a coalHouse hunting apps make me want to gouge my eyes outNow Facebook can more easily delete your trash PagesStop what you're doing and look at these 23 adorable giant panda cubsWe really need a new word for bingeMindy Kaling weighs in on where her 'Office' character would be nowHow to tell if a show was born to be bingeHarvey Weinstein documentary 'Untouchable' hits Sundance: ReviewAmerica's hot dad Bruce Springsteen signed a fifth grader's absence notePeople are inserting Donald Trump's sex tape comment into previous presidential speechesJoe Biden spoke about ending the rape kit backlog on 'Law & Order: SVU' last night Kim Kardashian's new 'Kimono' brand is getting a lot of backlash Samuel L. Jackson goes off after spotting mistake in 'Spider The very best Instagram posts of 2019 (so far) Japan vs Spain livestream: How to watch World Cup Group E live Netherlands vs Qatar livestream: How to watch FIFA World Cup Group A live Jose Antonio Vargas on the LGBTQ movement, immigration, and the importance of storytelling Wednesday's dancing was very mother of her Elon Musk's Neuralink could begin human testing in six months Someone said 'Ed Sheeran got hot' and now it's a meme Wendy's just sent everyone a mysterious Google Calendar invite for a lunch date Trump subreddit r/The Famous Mexican rescue dog Frida retires from the line of duty This trans teen wants to change the world through storytelling Apple's iPhone 14 Pro and Pro Max are in very short supply right now Wordle today: Here's the answer, hints for December 2 Twitter has released a bunch of spin about its ongoing Elon Musk Portugal vs Uruguay livestream: How to watch FIFA World Cup Group H live Brazil vs Switzerland livestream: How to watch FIFA World Cup Group G live Cory Booker's peeved reaction to Beto speaking Spanish at the debate is an instant meme Wordle today: Here's the answer, hints for November 28

2.8708s , 10131.671875 kb

Copyright © 2025 Powered by 【female full frontal】,Unobstructed Information Network  

Sitemap

Top

Quick Links