A security snafu on YouTube allowed users in the UAE to view the account pages and preferences of other users. The bug also created a means to jump into Gmail in cases where surfers had linked their YouTube and Gmail accounts. The issue appeared to only crop up locally, within the UAE, and only for users of the Etisalat …
I have seen this
A long time ago (1997) this happened several times in different organisations. Caching web gateways set wrongly and cahing the page without any reference to teh query string or form variables.
Really nasty but easy to fix.
Why is youtube mentioned in the title? It's not youtube's fault.
Here's what happened.
Google made a secret pact with the UAE Authorities to give them access to the profiles of the people in their country (either that or have the domain banned in Arab land), unfortunately the SQL was wrong.
- Geek's Guide to Britain Kingston's aviation empire: From industry firsts to Airfix heroes
- Analysis Happy 2nd birthday, Windows 8 and Surface: Anatomy of a disaster
- Review Vulture trails claw across Lenovo's touchy N20p Chromebook
- Adobe spies on readers: EVERY DRM page turn leaked to base over SSL
- Analysis The future health of the internet comes down to ONE simple question…