Google Photos is handy. You take pictures and videos on your cell phone, and they automatically upload to the cloud. If you’re anything like me, however, every snap comes with a self-reminder that “the cloud” is a fancy name for someone else’s server. What could possibly go wrong? How about some of your videos randomly included in another user’s downloads?
Confirmed by Google themselves, this bug hit those using Google Takeout, the service that allows you to download all your data from a Google application, as a single archive. Google Photos archives downloaded between November 21 and November 25 may contain videos from other users, according to a notice sent to the users who downloaded said archives. It’s notable that those notices haven’t been sent to users who’s videos were exposed.
Whatsapp has been in the news for a couple reasons in the last few days. I’ll leave it to you to decide if the stories are related. First, Jeff Bezos seems to have had some of his accounts or devices compromised by Saudi agents. The popular theory is that a video sent over Whatsapp contained an exploit, which when downloaded on Bezos’ iPhone, resulted in a persistent compromise. This theory seems to be supported by an analysis by FTI.
Reading through the report is… underwhelming. The video they suspect to have been the compromise vector wasn’t ever successfully decrypted. No actual Indicators of Compromise were found, and no maliciously changed systems files were identified. The closest thing to a smoking gun f ..
Support the originator by clicking the read the rest link below.
