A security snafu on YouTube allowed users in the UAE to view the account pages and preferences of other users. The bug also created a means to jump into Gmail in cases where surfers had linked their YouTube and Gmail accounts. The issue appeared to only crop up locally, within the UAE, and only for users of the Etisalat …
I have seen this
A long time ago (1997) this happened several times in different organisations. Caching web gateways set wrongly and cahing the page without any reference to teh query string or form variables.
Really nasty but easy to fix.
Why is youtube mentioned in the title? It's not youtube's fault.
Here's what happened.
Google made a secret pact with the UAE Authorities to give them access to the profiles of the people in their country (either that or have the domain banned in Arab land), unfortunately the SQL was wrong.
- 'Windows 9' LEAK: Microsoft's playing catchup with Linux
- Review A SCORCHIO fatboy SSD: Samsung SSD850 PRO 3D V-NAND
- Was Earth once covered in HELLFIRE? No – more like a wet Sunday night in Iceland
- Every billionaire needs a PANZER TANK, right? STOP THERE, Paul Allen
- First Irish boy band U2. Now Apple pushes ANOTHER thing into iPhones, iPods, iPads