Mongoose: Security flaw gave researcher the power to erase every video on YouTube

Commerce, Corruption, Government, IO Impotency, Security
Mongoose
Mongoose

Security flaw gave researcher the power to erase every video on YouTube

Today’s tale of apocalyptic internet near-misses comes from software developer Kamil Hismatullin, who discovered a security flaw in YouTube that allowed him to delete any video he wanted—or all of them, if he so desired. Fortunately, he did not so desire (although he apparently had some thoughts about doing a number on Justin Bieber’s channel), and instead he reported the bug to Google and collected a $5000 reward.

Read full article.

Robert David Steele Vivas
Robert David Steele Vivas

ROBERT STEELE: A good story. Sadly, when Winn Schwartau, Peter Black (RIP) and I among others raised the cyber-security alarm in 1988-1994, everyone chose to ignore us, and worse, in 1994 when NSA was grudgingly given the mission of protecting US commercial communications and computing, instead they co-conspired with the CEOs of all the major companies to create infantile back doors that made everything less safe.  Our calls for code-level security due diligence continue to be ignored. There are two points to my comment: a) we are still not serious about open source everything engineering and security and b) we are doing nothing to protect the continuity of useful information — bank accounts, property records, life histories — everything digital is vulnerable because no one — including Google — is willing to define and live up to due diligence from code level to system level.  IMHO.  More at http://www.phibetaiota.net.