Google is at it again, new YouTube security threat

8/4/24 | Member

[left that other site]

Wow...thanks! :-)

[no-to-illegals]

Thank you for suggestion.

[no-to-illegals]

Thank you. Bookmark for research.

[Openurmind]

“If Google is using an API would they get the information from /AppData/Local or AppData/Roaming to get around any security and track me?

This seems to be more than tracking my movement around the web.”

Yes, this is a real time direct API that actually carries it’s own physical IP address. Once it is active in your browser it is logging credentials and IP addresses on the fly until it is cleared from the cache. So you can’t be on youtube and still safely be logged into any other sites at the same time.

As far as /AppData/Local or AppData/Roaming I’m not sure exactly how that works, But it is tracking everything you are doing in real time and it is a high security threat for sites you are logged into or logging into. Let me explain a little better how I found it.

I was logged into our site with a fresh browser up and almost zero data cached. Only the minima data from ours. I copy and pasted a Youtube link from ours into a new tab. My Noscrip blocked all the scripts there so I had to “allow” just the one main JS or the page will not let you play the video. As soon as I went back to ours and refreshed it I got warnings from both Firefox and NoScript that Youtube was breaching logins and our site kicked me out at the same time.

We are using phpBB and it has an IP checker security feature that works on the fly. If your dynamic IP changes even while logged in using it then it kicks you out and makes you log back in again with fresh credentials to make sure it is really you the user. But here was the problem, my IP had not changed, it was the same, it was detecting a second physical address over riding mine. This should not have happened at all. The only answer can be a second user (bot) and second physical IP address.

So I cleared everything and repeated it two more times. Same thing, they have a direct API that is trying to ride in with users and logging credentials. And once it is loaded it is there until you go clear your cache. So it is not safe using your browser on any other site you log into after just visiting Youtube. I have a screenshot of the NoScript warning and it specifically says the security issue is directly from Youtube.

This has never happened before and is new. Most sites do not have that particular IP security feature phpBB has, so they have no clue it is happening. and it is hidden of course so users are clueless too. But this is serious and a cure needs to be found right away. It makes me personally not even want to go to YouTube anymore at all. It is a security risk to our domain and site let alone the privacy breach of our users.

This could allow Google and/or Google affiliates to have direct access into our site as bad actors using known trusted user’s credentials. It is just as bad for the websites as it is for the users.

[PalominoGuy]

Can you share the blockers you use, thks...

[Carriage Hill]

BKMRK.

[AnonymousConservative]

I run the site at AmericanStasi.com, and have been a pretty high priority target of surveillance for a while.

Is it possible due to your online activity in politics, or your security work, you are a target of intelligence, and this is them attacking you specifically? Google is basically a CIA project now, and fully owned by the intelligence community.

Have you had others replicate what you are seeing?

[maddog55]

I use Bitdefender Total Security which you can customize however you want. You buy one license and it’s good for 5 devices so I use it on my desktop, laptop and both cell phones.

My browser is Firefox or Brave depending on which I use. Both are set up to clear all history, cache, site permissions etc. on exit and I quite often clear it between sites while searching.

Privacy Badger is my tracker blocker and it works on ads as well. You go to settings and adjust whatever trackers you can block. I searched Google and blocked every tracker they have and there’s a ton of them. There’s others that are almost as bad.

I never get personalized ads and I also have no microphone or camera connected to the desktop and the laptop they are disabled through Bitdefender and device manager. My cell phone microphone is disabled except when used for the phone. I also reset the smart TV advertising ID about once a month and opt out of ACR.

[Openurmind]

I know you AC thanks for chiming in. I’m ATP from the TA. Yes I am being watched for sure. To the tune of imaging planes doing grids over my isolated remote location. And I know it is me, I am the only one here. I am chasing down the source that would make them so interested in me. It is closer than we would think. Much closer... Right under our fingers. Working on proving it now. I keep fishing and they will slip up and I will catch it.

Yes I am very familiar with Alphabet and who they are and what they are capable of, I have dealt with them personally in the past. But this particular issue is with general access at Youtube for sure AC. I tested it twice after the first incident and it is part of their general JS script package so everyone is getting hit with it. No one else in my circles uses the security tools I am using because they take extra work to navigate which is inconvenient for most. But even at that I would not have caught the true scope of it being a hitchhiking bot if it had not been for the default IP address security features at the TA. But I can clear out my cache and I am good again so it is not just mine or it would remain in my stuff and persist.

I posted the screenshots to show what I am getting if you can find a few to come drop in over there. As you know you are always welcome, SS can link you to it. NoScript warning lists Youtube specifically as the identity/credential security issue without a doubt. And I picked it up each time I went to YouTube and loaded their JS. They were pulling this same stuff back in 2008 and again in 2012. But back then they were also accessing local machine microphones and cameras along with their keylogging and tracking.

It boils down to this AC, just as important as user security, interacting with YouTube at all has now become a security risk for domain sites also. If they are keylogging credentials and user IP addresses they can gain access aside from the identity issue.

[AnonymousConservative]

That is amazing. Great catch.

[Tolerance Sucks Rocks]

I went ahead and cleared Firefox (history, etc.). They don’t specifically mention “clearing the cache” but they allowed me to clear everything. So now I’m back on, and I’ll be logging back into everything, but not YouBoob.

[Openurmind]

On firefox it is an option to “clear data”. It is separate from the history. You want to clear both.

“Cache” is where these both are stored in the files. So techs use the term “clearing the cache” in reference to clearing both of these out to have an empty cache.

[Openurmind]

On firefox it is an option to “clear data”. It is separate from the history. You want to clear both.

“Cache” is where these both are stored in the files. So techs use the term “clearing the cache” in reference to clearing both of these out to have an empty cache.

[Tolerance Sucks Rocks]

I did clear both data and history, as I recall. What a mess.

You’ve clearly explained the how of what’s going on. What I’d like to know is why? Either Alphabet/Google/Youtube is collaborating with the government to gather our info, or the corporate scum want something to hold over the “customers”, or they’re doing something that makes no real sense at all.

[Openurmind]

Exactly right. They are gathering data for the government. And their parent company is BlackRock. No theory, BlackRock is the head of the New World Order global government. They are right now identifying and classifying everyone as opposed to their power or not. They are flagging dissidents.

[Tolerance Sucks Rocks]

Well, I’m in deep doo doo. I’m sure they have a program to identify such troubling terms as “corporate scum.”

[Openurmind]

I wouldn’t worry it much. They know they are and they are proud of it. :)

[daniel1212]

Glad you popped in Dayglord. I know it can be done in Linux but how hard would it be to install two separate browsers of the same version next to each other but isolated from each other in Windows?

On my desktop with a 23'' screen, I have multiple installations of Firefox portable, each for its own general purpose, and which load separately, though to enable then to run concurrently, in your profile folder you need place and edit a copy of the FirefoxPortable.ini from Other\Source to the main folder of FirefoxPortable (in Windows, not Linux, you can just right click on the shortcut Firefox icon, then hit Properties, then Open File location which is where you want to place FirefoxPortable.ini, which is to be found and copied from in the Other>Source folder. Paste and then edit/change that FirefoxPortable.ini to AllowMultipleInstances=true DisableIntelligentStart=true.

And in W/11 to enable separate taskbar icons I had to set “taskbar.grouping.useprofile” preference in about:config to true. I use 7+ Taskbar Tweaker and which author has been helpful, thanks be to God for such.

I also run two "stand-alone" installs of Chromium-based Vivaldi, and one of Gecko-based Floorp (from Japan).

Yes, I have a lot of RAM, praise God. May all we have be used for His purpose, and to His glory, not that I always have or do.

[daniel1212]

I see 112 network requests (hit F12 in Firefox, then Network, then F5, and look bottom left), but never had an issue with what you warn of, thank God. Gateway Pundit was calling for up to 500 at one time. FF, 3.

[daniel1212]

Sorry, wrong pic!