Free Republic
Browse · Search 		General/Chat
Topics · Post Article

To: Openurmind
Wow, that's incredible that they would have the audacity to do such a thing.

Thank you. I will be avoiding YT until they stop this nonsense. Question though, how does one about finding the scripts you found?

66 posted on 08/10/2024 6:42:55 PM PDT by ducttape45 (Jeremiah 17:9, "The heart is deceitful above all things, and desperately wicked: who can know it?")
[ Post Reply | Private Reply | To 65 | View Replies ]

To: ducttape45

They are pretty much undetectable. I just happened to have the right environment to alert me. I had to have two tools together expose it.

Now here is the thing. They are ALL doing this hidden tracking and fingerprinting script browser con. but this was unique, it was an actual bot with it’s own IP address riding into my log in with me.

Our site has a default security tool to prevent someone from hijacking our user’s accounts while they are logged in. It is constantly watching for IP address changes.And when it sees one it kicks us out and makes us log back in. Just to be safe and make sure it is just us and not a bot hijacking the account while it is being used.

And I strictly take the extra time and effort to use the “NoScript” tool which blocks ALL scripts and gives warning of any crosssite scripting efforts. The two worked together to alert me of the problem and how serious the problem was. Not only did the site kick me out because it detected a highjacker, the NoScript instantly gave me a warning about how logging into our site was not safe because Youtube (by name) is riding in with me and trying to identify me.

So once this bot is attached to your browser it is making note of your credentials, your IP address, and the IP address of the target site you are logging into in efforts to identify you. This is a huge security issue for not just the user but also the domain you are logging into. They can basically gain access to your accounts anytime they like.

So even though it is a lot of extra effort to use NoScript, it has become absolutely the best tool you can get to help prevent this from ALL sites. And any time after you even land on Youtube your cache needs to be cleared before you even think about logging in anywhere else. This is why I am making efforts to figure out how to run two browsers completely separated and isolated from each other. One for youtube and it’s bot/scripts if you really need it, and the other to log into your favorite sites safer.

It is the only way you can safely go grab stuff from Youtube and post it in the other site without compromising your account on the site where you are logged in and posting like the FR. Everything else needs to be completely separated from Youtube in it’s own browser now. And just bringing up two will not do this because they will still share the same cache folder. I am working on making each have their own cache independent and isolated from the other.


67 posted on 08/10/2024 7:36:12 PM PDT by Openurmind (The ultimate test of a moral society is the kind of world it leaves to its children. ~ D. Bonhoeffer)
[ Post Reply | Private Reply | To 66 | View Replies ]

Free Republic
Browse · Search 		General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson