Researcher Found Flaw Which Could Have Been Used to Erase Every Video on YouTube

Software developer Kamil Hismatullin has discovered a security flaw in YouTube that apparently granted him the power to delete any video he wanted. This means that he had the power to delete each and every video on the website, but don’t be alarmed, he had no desire to do so.

The developer reported the flaw to Google and apparently collected $5000 through the company’s Vulnerability Research Grants that launched back in January. For those unaware, the program offers anyone who finds significant vulnerabilities in specific applications a reward as an incentive for researchers to find and reports bugs and security flaws, having Google quickly swiping in and fixing them.

Hismatullin is said to have been offered $1337 back in February to dig into YouTube Creator Studio and after just six or seven hours, he found “a logical bug that let me delete any video on YouTube with just one following request.”

“Although it was an early Saturday’s morning in SF when I reported issue, Google sec team replied very fast, since this vuln could create utter havoc in a matter of minutes in the bad hands who can used this vulnerability to extort people or simply disrupt YouTube by deleting massive amounts of videos in a very short period of time,” he wrote. “It was fixed in several hours, Google rewarded me $5k and luckily no Bieber videos were harmed :D”

A Google representative has confirmed what Hismatullin reported, having the exploit be one of or even the most destructive one found so far on the streaming giant’s website. Can you imagine a world where you go to YouTube and all of a sudden you are greeted with 0 videos on the entire webpage?

Thank you PCGamer for providing us with this information

Warning: Latest HTC Sense Update Reportedly Screws Up Your Smartphone

If you have a HTC and already updated to the HTC Sense Version 6, then you might have already noticed your contacts deleted from both your phone and SIM, leaving the header on your text messages filled with numbers instead of names and your WhatsApp contact list empty. However, if you still haven’t updated to the latest HTC Sense rolled out over the weekend, our advice is to skip it until a fix is available.

Another issue related to the update has been described to be linked to the theme, having it default back to the Green Theme. This might not seem a major issue as you can go into the Settings and change it right back. Not this time apparently, having users reporting that although the theme changes, some loading bars and status messages will still appear in green, having it screw up the user’s preferred theme in some cases.

There have been discussions with HTC Customer Support regarding the ‘failed’ update, where they stated it is already being discussed and investigated. The customer support has also stated that nobody can roll back the smartphone in order to avoid the faulty update, meaning that users who already updated their HTC smartphones to HTC Sense Version 6 can only remain at the mercy of the company and their technical support.

Also, when asked about who was responsible for testing the update, the customer support team has pointed to the developers. This comes as a huge surprise since all software products, especially from big corporations such as HTC, must undergo strict testing cycles performed by a highly qualified Quality Assurance department in order to prevent such issues from occurring. However, HTC might have skipped this step (and we even wonder if they have such a department apparently).

What the HTC Sense 6 should have brought is an updated color palate and multiple themes for the UI, an updated interface and more news sources for the HTC BlinkFeed, an updated and simplified interface for the Camera, Galley and Apps Tray, as well as other features noted on HTC’s page. The company has not released any official news regarding the issues present in the update, nor stated when a fix would be available.

13 Countries Added to AT&T’s International LTE Roaming Add-On List

American multinational telecommunications corporation AT&T is planning to expand its international LTE roaming services, having it being made available in Canada and the UK last year.

The corporation is planning to extend their services by adding 13 more nations to the feature list, including Spain, France, Russia and others. Taking into account how AT&T is dealing with EE in the UK and Rogers in Canada, the charging rates for the additional feature, named “Data Global”, will not change with the LTE service additions, but AT&T has not specified anything about it in their press release.

“Today, AT&T has expanded its international LTE footprint to now include Spain, France, Japan, South Korea, Australia, Hong Kong, Switzerland, Malaysia, Russia, Singapore, Guam, Hong Kong and Antigua & Barbuda. AT&T is committed to providing its customers a wider global footprint to enjoy LTE data speeds. In fact, AT&T currently has agreements to allow for LTE roaming in over 200 countries.”

However, due to different countries having different LTE bands, it would be a bit hard to get your phone to work with LTE while roaming, though if the smartphone used is fairly new, it would have more chances of connecting thanks to the newer LTE technology which adds support for more and more LTE bands into one single handset.

Thank you Android Central for providing us with this information

Google’s Drive, Docs and Sites Experiencing Issues, Should We Be Surprised?

Google has experienced a lot of problems with its services lately, from Gmail to Calendar, which affected a great deal of people. It appears that their flaws have not yet been fixed, since we can see that the Google Drive, Google Docs, Google Sheets and Google Sites services still experience problems even now.

The corporate giant has posted the first investigation notes for the Drive, Docs and Sheets, adding its Sites services roughly 50 minutes later to the list. The situation is still under investigation, however the services have “already been restored for some users, and we expect a resolution for all users in the near future. Please note this time frame is an estimate and may change.”

There is still no official information about the cause of the issue, however most people have not been affected by this disruption. Those affected however consist mostly of students who opted to use Google’s Docs and Sheets services in order to prepare their assignments. Some might even miss their deadline on uploading their projects and assignments due to the developing issue.

A recommended action for future online workspace usage is to always make a backup copy of all online documents and files to your personal computer in order to avoid such situations.

Thank you Android Central for providing us with this information

One Simple E-Mail Ended With Complete Worldwide Chaos Inside The BP Corporation

If you are an employee in a corporation, most notably a worldwide corporation, then you are most likely required to send out e-mails to different departments. That’s what happened at BP, where an employee wrote an e-mail to a Mr. “Shahid” where he mentioned that an employee by the name of “Anant Prakash” was removed from the OMS Navigation Users distribution list. However, the mail did not reach only the employees in question, but the whole worldwide group of employees.

Having sent an e-mail to different users than required (in this case all BP employees), the next reasonable step was to send another e-mail in reply, notifying upon the mistake. Something like “Please disregard the previous e-mail” or “Kindly ignore the e-mail” are just a few examples that follow such an error. However, before he was able to rectify his mistake, replies were rolling in.

It started off with e-mails such as “I have no idea who this is and can you remove me from this email,” or “Similarly I think I was added to the distribution in error”. From here, others have tried to contain the thread with messages such as “OK we have all been added in error and the guy who sent the original email has already recognised his mistake!”. Alas, that did not stop the spark generated.

Soon after, all employees from different time zones were starting to wake up or take an interest in this spamming thread, some even sending replies such as “Keep me in the loop please, I love this madness! :)”. It is not uncommon for people to be amused by such mistakes, however there were other more monotonous employees who did not find it so amusing thinking it will make a difference by expressing their frustration with capital letters and hitting the ‘Reply All’ button. A glimpse of the thread can be seen below:

“CAN YOU ALL STOP SELECTING ‘REPLY ALL’ …… just reply to Patsy.”

“PLEASE TAKE ME OFF ALL THESE REDICULOUS REPLIES!”

“CAN YOU STOP ASKING TO BE REMOVED FOR CHRIST SAKE”

“Who on earth are all you people and why are you bombarding my inbox?”

Just out of curiosity; do you have a distribution list that reads “Everyone in the world”? If so, please remove me from that list.
Thank you”

There were even employees which missed out on the topic and were asking for someone to resend the original e-mail, followed by some employee stating that he has spoken with officials at Guiness World Recors about the thread and thought they could even break the world record with this developing spam:

“I missed the original email. Can you please resend it again………. THANKS………..!!!!!!!!!”

“Keep calm and
Keep replying All!!!”

“Don’t stop, please, keep moving”

“Have just put the phone down from the Guinness people, they say another 64 replies and we have the new world record !!!
We can do this !”

And as a grand finale to this epic spam thread, the person in cause, Mr. “Anant Prakash” replied at last, having ‘restored’ order to his fellow co-workers’ inbox folders, with the following:

“To the whole BP family who have taken the time to email me today Have a wonderful weekend – I’m off to the pub.”

Thank you News.com.au

People Are Spying On You And Hacking Your Computer

How safe are you while you are on the computer? Using your anti-virus, and your firewall, perhaps other methods of keeping you safe, like keeping all of your software up to date will keep you fairly secure. Not everyone does this though, not keeping software up to date, or even your operating system. If you don’t update some vital software that you run on your computer when there is an update it can compromise all security on your machine, giving a hacker full access to your system, even giving them the ability to hack your webcam and see you while you are sitting at your computer.

https://www.youtube.com/watch?v=Yb9b_LzM1U8

Mark Ward of the BBC wrote an article showing us one vulnerability that some people have when they don’t keep Java up to date. You can view his article Licensed to hack: Cracking open the corporate world HERE. He shows us how he was able to inject coding into a website which notified him when someone had viewed the page and then gave him full access to their computer. This isn’t just for some kid sitting in their moms basement writing code, or anything, this is also for big corporations which have loads of hits each day. Corporations are able to easily gain control of users computers, accessing files, spying on them, and giving them an inside edge to their customer base.

The only suggestion I can give you to prevent this from happening is to make sure that your computer, and everything running on your computer is 100% up to date, though it doesn’t seem like that will prevent someone from gaining access to your computer, it is just one preventative measure that you are able to take.

Image courtesy of  Security Blog

Source