You have to wonder at the weird numbers. Did they fail to handle collisions in a 64-bit hash?
Google Takeout a bit too true to its name after potentially 1000s of private videos shared with complete strangers
A bug in Google's Photo software caused potentially 100,000 or more netizens to have their personal videos exposed to complete strangers last Thanksgiving. The Chocolate Factory this week began notifying punters that a bug in its data-archiving tool Takeout was to blame for some accounts having their private videos shared with …
Wednesday 5th February 2020 09:12 GMT Anonymous Coward
My guess is yes
Would be they were using a content addressable store for videos, so a hash collision could totally have this result if they were using something like md5, which with 128 bits means the chance of any two videos colliding is one in 10 to the 13thish. But then there's the "birthday paradox" - even if the chances any two videos collide is low, when you throw billions of videos in there the number of collisions can get to be significant. Videos are likely to share infrastructure with YouTube, which being much older than photos would be more likely to use an older, shorter hash, so the theory checks out.
Wednesday 5th February 2020 18:47 GMT Claptrap314
If so, this would be disappointing, at best. I was informed in 2015 that they had already had a collision in 128-bit UUIDs, which is why internal UUIDs were 160 bits.
Which was concerning--it doesn't take that long to chomp through 32 bits when you are more than doubling your data on an annual basis, and are worrying about the birthday paradox (which cuts the bits in half).
But no one wants to do the work to _truly_ future-proof things.