Very nice write-up indeed! Really, it’s an exercise in creativity exploring all those possible paths, in addition to the obvious technical know-how required. I always wonder if, to work in...
Very nice write-up indeed!
Really, it’s an exercise in creativity exploring all those possible paths, in addition to the obvious technical know-how required.
I always wonder if, to work in security/vulnerability research like this, you need to be of a certain “brain type” that enables you to go through and come up with all these ideas in search of an insecure one; or if it is a trainable skill like any other.
I think there does need to be some degree of deviance to derive joy from poking holes in systems. When I was a tween, shortly after the Columbine shooting, we had a bomb threat drill. The...
I think there does need to be some degree of deviance to derive joy from poking holes in systems.
When I was a tween, shortly after the Columbine shooting, we had a bomb threat drill. The procedure was to evacuate everybody from the building into the bleachers of the football field a few blocks away (it was shared with the high school).
I helpfully pointed out to the teachers that if I was going to bomb the school knowing this plan, I'd just hide the explosives under the bleechers since it would be easier to do so since they're accessible after school hours.
They didn't appreciate this insight, but they did end up modifing the evacuation procedure to spread people out rather than concentrating in one spot.
I love how a bunch of small, seemingly useless behaviours can be chained together to do something unintended. Also, TIL you can literally replace drive with docs in the URL and it keeps working...
I love how a bunch of small, seemingly useless behaviours can be chained together to do something unintended.
Also, TIL you can literally replace drive with docs in the URL and it keeps working without even redirecting, that's pretty silly
Dang, I was hoping this was a method for stealing one's own files from YouTube, not someone else's files. My brother had a video deleted from his YouTube channel recently that he didn't have a...
Dang, I was hoping this was a method for stealing one's own files from YouTube, not someone else's files. My brother had a video deleted from his YouTube channel recently that he didn't have a backup of, and I had hoped this would give me access to that file that surely Google still has archived up somewhere.
Ah well, still an interesting read! Surprisingly well-explained to someone who has never been nearly this tech-savvy.
Very lovely write-up about an exploit chain through Google Slides' YouTube integration, complete with interactive HTML/CSS demos!
Very nice write-up indeed!
Really, it’s an exercise in creativity exploring all those possible paths, in addition to the obvious technical know-how required.
I always wonder if, to work in security/vulnerability research like this, you need to be of a certain “brain type” that enables you to go through and come up with all these ideas in search of an insecure one; or if it is a trainable skill like any other.
Likely a combination of both things.
I think there does need to be some degree of deviance to derive joy from poking holes in systems.
When I was a tween, shortly after the Columbine shooting, we had a bomb threat drill. The procedure was to evacuate everybody from the building into the bleachers of the football field a few blocks away (it was shared with the high school).
I helpfully pointed out to the teachers that if I was going to bomb the school knowing this plan, I'd just hide the explosives under the bleechers since it would be easier to do so since they're accessible after school hours.
They didn't appreciate this insight, but they did end up modifing the evacuation procedure to spread people out rather than concentrating in one spot.
I love how a bunch of small, seemingly useless behaviours can be chained together to do something unintended.
Also, TIL you can literally replace
drivewithdocsin the URL and it keeps working without even redirecting, that's pretty sillyDang, I was hoping this was a method for stealing one's own files from YouTube, not someone else's files. My brother had a video deleted from his YouTube channel recently that he didn't have a backup of, and I had hoped this would give me access to that file that surely Google still has archived up somewhere.
Ah well, still an interesting read! Surprisingly well-explained to someone who has never been nearly this tech-savvy.
Could try a GDPR potentially