A few days ago Russian hacker Kamil Hismatullin discovered a very important gap in the site YouTube , which allowed virtually anyone to remove any film in it placed. Service to verify the uses for tokens that are unique to the user, but failed to discover Kamil, when the request for the removal of the material side accept any token instead assigned to the author, which was a very big threat to all content published on YouTube.
Kamil decided not to use this gap and instead immediately informed about it Google , allowing earned a prize of $ 5000, which awarded him the giant US under the Vulnerability Research Grant. Russian revealed, however, that the study of matter only spent 6-7 hours, of which – as he jokes – some devoted to considering whether the channel is not clear Justin Bieber.
Hismatullin highlights the very quick response from Google that answered his discovery in just a few minutes and quickly, because in just a few hours, to correct the error.
$ 5000 for the discovery of such a large gap does not seem too exorbitant sum, but the maximum amount which Google is assumed in this case.
No comments:
Post a Comment