Google has corrected two vulnerabilities present in its services that allowed you to achieve the YouTube Accounts Email address, even anonymous users.
Gaia’s identifier (ID) is the system that manages the unique IDs of each user for all Google products, that is, it is the same in Gmail, Drive, YouTube and other services. It is a fact that the company shares with its systems internally, however, for months it has allowed to know the emails associated with users.
The process begins on YouTube, from where a user can be blocked and make this blockade active in several of Google services, something possible from a live chat or in the notification entrance tray.
In this case, the researcher known as Brutecat, using a YouTube API, agreed to Gaia Officado of a user who had blocked from the live chat in any ‘streaming’, identified together with his YouTube channel.
Together with Nathan, another researcher, expanded the analysis of Google services that could have some non -corrected error, for example, those who had become obsolete, and allow to find out the ’email’ of a person from an id of an ID of Gaia.
Thus, they arrived at the Pixel recorder, which stores the backup copies of the recordings on the website https://recorder.google.com, with a web API that served for its purpose.
Here, Nathan made a recording from his Pixel device and synchronized it in his Google account to appear on that website. When trying to share this recording with an email they had as a test, the API returned the email linked to Gaia’s ID.
Then, both decided to link these two errors and from the recorder website, introduce the Gaia ID of a previously blocked user on YouTube, which showed the email of this person.
This action, however, sends a notification to the victim’s mail, although the researchers solved this problem by sharing the recording with an extremely long name (in their test, 2.5 million letters).
These failures have been paved in February, although they identified in September of last year. Google has rewarded researchers with $ 10,633 (about 10,258 euros to change).
https://taretanbeasiswa.com/volunteerku/online-toefl-prediction-test-packet-1/
https://www.atlpropertyservices.co.uk/
https://blogearns.com/2024/05/melbet-sign-up-start-betting-in-minutes.html
https://unissonshaiti.com/2021/03/15/haiti-au-coeur-dune-bataille-geopolitique-entre-la-russie-et-les-usa/
https://blogs.lwhs.org/bayareacinema/2015/05/03/free-choice-viewing-american-sniper/
https://inutah.org/news/learn-work-opp/automation-technician/
https://hydeband.co.uk/2022/02/04/intercontinental-dating-is-it-right-for-you/
https://ustsm.md/?p=129
https://stjosephmatignon.fr/les-plantations/
https://gyxfq.com/2024/08/
https://fecoba.org.ar/datalab-2019-20-noviembre-8-30-hs-paseo-plaza-30-off-entidades-asociadas-fecoba/
https://www.campbellsrestaurant.co.uk/
https://www.jeffquinnmagic.com/
http://granding.nu/2013/12/09/nytt-kakel-pa-tio-minuter/
https://www.bogshallstables.com/
https://sangjufc.co.kr/wp_main/index.html
https://www.dostor.org/4820781
https://www.digitalmarketinginteragent.com/what-is-google-marketing/
https://veduapk.in/olxtoto-online-4d-lottery-frequently-asked-questions/
https://localguideankit.com/would-you-win-online-togel-understand-these-pointers/
https://indiacsr.in/1win-app-seamless-betting-casino-gaming-mobile/
https://www.geekbloggers.com/trustworthy-%EB%A8%B9%ED%8A%80%EA%B2%80%EC%A6%9D-your-guide-to-safe-online-play/
https://www.clivago.com/listing/perident/
https://daisukisekisui.com/sekisuihouse_wood-deck_madori/
https://radio.menu/stations/radiokrka-com-radio-krka/
https://bremen.co.jp/udb/hello-world/
https://www.ammonnews.net/article/874958
http://networkinfo.org/betting-tips-for-show-me-the-bet-toto-users/
https://www.hub-sport.com/2021/07/28/optojump-2/
https://www.baddiehub.pro/2024/07/how-does-eat-and-run-verification-help.html