Posted on 08/04/2024 12:35:56 PM PDT by Openurmind
I have detected a serious YouTube security threat that needs exposure. All IT and security experts welcome to please check into my findings and chime in. Here is what I found so far.
Years ago this was a problem. Just going to youtube or Google mail at all even on another tab without logging in would load strong spyware in your browser and even in your machine permanently which required reinstalling your OS to remove. It tracked logins on other tabs and was gaining access to keyboards, microphones, and cameras even if you just landed on their site by accident. Folks caught on and exposed it and then it stopped.
It is back... I am starting to get the warnings again so they are up to their old tricks again. You can't even load Youtube up on another tab and be safe on the one you are already in. As soon as you do it crosscripts and tries to hitchhike with you into the site you are logged into or logging into giving them direct over the shoulder API account access. I discovered it because our site has IP detection security that kicks you out on the fly if there is any change of your IP address status forcing you to log back in and verify it is actually you. But my IP address remained the same.
So it detected the second IP address trying to access my account along with my current IP address as soon as I landed on youTube. Our site immediately kicked me out and made me log back in with warnings about the crossscripting from Youtube coming from my developer tools. They are attaching a real time cross domain API to our browsers that gathers credential and identity data about our logins. I had to go clear all my data and history cache before I could login safely without it.
This is serious, this is not just for sites like the FR, it is every site you log into with credentials. Work, business, shopping, banks... Everything. So If you use youtube or Google be sure and clear everything in your cache before you go log in anywhere else. And DO NOT use it while already logged in anywhere. It immediately jumps in bed with you and is also logged in with you. I am testing now but the only cure I see that might be easy and work to prevent it would be to bring up Youtube in a second browser to run YouTube in separate from the other browser where you are logged into or logging into other sites. I am still testing this option to make sure the browser does actually keep them apart from each other. hopefully it will not take tweaking to make them secure from each other. Any and all help from the experts here is welcome.
They just went off and ruined it for those who like to share YouTubes...
Wow...thanks! :-)
Thank you for suggestion.
Thank you. Bookmark for research.
“If Google is using an API would they get the information from /AppData/Local or AppData/Roaming to get around any security and track me?
This seems to be more than tracking my movement around the web.”
Yes, this is a real time direct API that actually carries it’s own physical IP address. Once it is active in your browser it is logging credentials and IP addresses on the fly until it is cleared from the cache. So you can’t be on youtube and still safely be logged into any other sites at the same time.
As far as /AppData/Local or AppData/Roaming I’m not sure exactly how that works, But it is tracking everything you are doing in real time and it is a high security threat for sites you are logged into or logging into. Let me explain a little better how I found it.
I was logged into our site with a fresh browser up and almost zero data cached. Only the minima data from ours. I copy and pasted a Youtube link from ours into a new tab. My Noscrip blocked all the scripts there so I had to “allow” just the one main JS or the page will not let you play the video. As soon as I went back to ours and refreshed it I got warnings from both Firefox and NoScript that Youtube was breaching logins and our site kicked me out at the same time.
We are using phpBB and it has an IP checker security feature that works on the fly. If your dynamic IP changes even while logged in using it then it kicks you out and makes you log back in again with fresh credentials to make sure it is really you the user. But here was the problem, my IP had not changed, it was the same, it was detecting a second physical address over riding mine. This should not have happened at all. The only answer can be a second user (bot) and second physical IP address.
So I cleared everything and repeated it two more times. Same thing, they have a direct API that is trying to ride in with users and logging credentials. And once it is loaded it is there until you go clear your cache. So it is not safe using your browser on any other site you log into after just visiting Youtube. I have a screenshot of the NoScript warning and it specifically says the security issue is directly from Youtube.
This has never happened before and is new. Most sites do not have that particular IP security feature phpBB has, so they have no clue it is happening. and it is hidden of course so users are clueless too. But this is serious and a cure needs to be found right away. It makes me personally not even want to go to YouTube anymore at all. It is a security risk to our domain and site let alone the privacy breach of our users.
This could allow Google and/or Google affiliates to have direct access into our site as bad actors using known trusted user’s credentials. It is just as bad for the websites as it is for the users.
Can you share the blockers you use, thks...
BKMRK.
I run the site at AmericanStasi.com, and have been a pretty high priority target of surveillance for a while.
Is it possible due to your online activity in politics, or your security work, you are a target of intelligence, and this is them attacking you specifically? Google is basically a CIA project now, and fully owned by the intelligence community.
Have you had others replicate what you are seeing?
I use Bitdefender Total Security which you can customize however you want. You buy one license and it’s good for 5 devices so I use it on my desktop, laptop and both cell phones.
My browser is Firefox or Brave depending on which I use. Both are set up to clear all history, cache, site permissions etc. on exit and I quite often clear it between sites while searching.
Privacy Badger is my tracker blocker and it works on ads as well. You go to settings and adjust whatever trackers you can block. I searched Google and blocked every tracker they have and there’s a ton of them. There’s others that are almost as bad.
I never get personalized ads and I also have no microphone or camera connected to the desktop and the laptop they are disabled through Bitdefender and device manager. My cell phone microphone is disabled except when used for the phone. I also reset the smart TV advertising ID about once a month and opt out of ACR.
I know you AC thanks for chiming in. I’m ATP from the TA. Yes I am being watched for sure. To the tune of imaging planes doing grids over my isolated remote location. And I know it is me, I am the only one here. I am chasing down the source that would make them so interested in me. It is closer than we would think. Much closer... Right under our fingers. Working on proving it now. I keep fishing and they will slip up and I will catch it.
Yes I am very familiar with Alphabet and who they are and what they are capable of, I have dealt with them personally in the past. But this particular issue is with general access at Youtube for sure AC. I tested it twice after the first incident and it is part of their general JS script package so everyone is getting hit with it. No one else in my circles uses the security tools I am using because they take extra work to navigate which is inconvenient for most. But even at that I would not have caught the true scope of it being a hitchhiking bot if it had not been for the default IP address security features at the TA. But I can clear out my cache and I am good again so it is not just mine or it would remain in my stuff and persist.
I posted the screenshots to show what I am getting if you can find a few to come drop in over there. As you know you are always welcome, SS can link you to it. NoScript warning lists Youtube specifically as the identity/credential security issue without a doubt. And I picked it up each time I went to YouTube and loaded their JS. They were pulling this same stuff back in 2008 and again in 2012. But back then they were also accessing local machine microphones and cameras along with their keylogging and tracking.
It boils down to this AC, just as important as user security, interacting with YouTube at all has now become a security risk for domain sites also. If they are keylogging credentials and user IP addresses they can gain access aside from the identity issue.
That is amazing. Great catch.
I went ahead and cleared Firefox (history, etc.). They don’t specifically mention “clearing the cache” but they allowed me to clear everything. So now I’m back on, and I’ll be logging back into everything, but not YouBoob.
On firefox it is an option to “clear data”. It is separate from the history. You want to clear both.
“Cache” is where these both are stored in the files. So techs use the term “clearing the cache” in reference to clearing both of these out to have an empty cache.
On firefox it is an option to “clear data”. It is separate from the history. You want to clear both.
“Cache” is where these both are stored in the files. So techs use the term “clearing the cache” in reference to clearing both of these out to have an empty cache.
I did clear both data and history, as I recall. What a mess.
You’ve clearly explained the how of what’s going on. What I’d like to know is why? Either Alphabet/Google/Youtube is collaborating with the government to gather our info, or the corporate scum want something to hold over the “customers”, or they’re doing something that makes no real sense at all.
Exactly right. They are gathering data for the government. And their parent company is BlackRock. No theory, BlackRock is the head of the New World Order global government. They are right now identifying and classifying everyone as opposed to their power or not. They are flagging dissidents.
Well, I’m in deep doo doo. I’m sure they have a program to identify such troubling terms as “corporate scum.”
I wouldn’t worry it much. They know they are and they are proud of it. :)
On my desktop with a 23'' screen, I have multiple installations of Firefox portable, each for its own general purpose, and which load separately, though to enable then to run concurrently, in your profile folder you need place and edit a copy of the FirefoxPortable.ini from Other\Source to the main folder of FirefoxPortable (in Windows, not Linux, you can just right click on the shortcut Firefox icon, then hit Properties, then Open File location which is where you want to place FirefoxPortable.ini, which is to be found and copied from in the Other>Source folder. Paste and then edit/change that FirefoxPortable.ini to AllowMultipleInstances=true DisableIntelligentStart=true.
And in W/11 to enable separate taskbar icons I had to set “taskbar.grouping.useprofile” preference in about:config to true. I use 7+ Taskbar Tweaker and which author has been helpful, thanks be to God for such.
I also run two "stand-alone" installs of Chromium-based Vivaldi, and one of Gecko-based Floorp (from Japan).
Yes, I have a lot of RAM, praise God. May all we have be used for His purpose, and to His glory, not that I always have or do.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.