How Cameo’s Private Celebrity Videos Were Open to the World
It used to be that if you wanted to interact with your favourite celebrity you’d have to do elaborate things like camp out near a red carpet in Hollywood, lying in wait, until you finally got the chance to scream-ask Queen Bey for her autograph amongst a gaggle of other fans.
Well, in 2020, like everything else in this world, including our dating lives, our health, and voting there’s an app for paying celebrities to give you personalized shoutout videos. That’s right, the app Cameo provides you a list of celebrities ranging from Snoop Dogg to Michael Rappaport, that you can select, pay, and then receive everything from a personalized ‘happy birthday’ to a ‘get well soon’ from your favourite celeb.
But through a flaw in its website's design, a security researcher discovered that many of these personal videos were available to anyone, including those that had been set to 'private'. Motherboard then wrote code to find the private videos en masse.
Joseph Cox, Motherboard reporter of cybercrime and sketchiness extraordinaire, tells CYBER how he broke the story and got Gilbert Gotfried to verify the flaw on Cameo’s site with a personal message using that lovable voice of his.
See acast.com/privacy for privacy and opt-out information.