i suggest you record them from your monitor with your webcam

I use the livehttpheaders extension for firefox to look for the real location of the video.

there are ff extentions that download flash movies
there are websites like keepvid.com

session collision to me sounds hard to believe, it could be a one in a milliion fluke ..

I don't know how many users youTube has exactly, but I guess that it doesn't take too much time for them tho get a million logins....

session numbers are typically 128bits ... meaning even if everybody on the planet logged in 10 times a day
it would still 5*10E27

now this is what the youtube cookie looks like

Cookie: VISITOR_INFO1_LIVE=AoiTcQrjxSk; use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; 
user_omniture=3756d44ab2f6fdee26892cc5805390c2dAEAAAAw; GEO=0c471c12cce542a30221900da0a67ea0cxYAAABCRSx2YW4sbWVjaGVsZW4sLCwsLC0x; 
LOGIN_INFO=5294f2f2fb5cf32793997ac072c6fba6e3QgAAAAbV91c2VyX2lkX0FORF9zZXNzaW9uX251bWJlcl9tZDVzIAAAAGQzMjdlNmUzMGVjODBmMTBkYTJhY2E4NjE0MDAwYWZhdAkAAABtX3VzZXJfaWRsAgAAAFBccQgw

feel free to analyse that but it would suprise me if there is less than 64bit possible settings

Although it's hard to believe, the session collision happened to me again a few days ago


However, this time, the session seemed to have expired. When I clicked on any link, I got back to my account.
So maybe this has something to do with YouTube caching mechanism (there is one, haven't you noticed? )

PS: No, I haven't given up on using Linux - it's just that my work comp still runs Winblowz

This happens more often than you think, I and a lot of people I know have had it on several occasions

i already had this problem...

I'm decompiling the LOGIN_INFO cookie..

Originaly it's: bb04346ad5d28bc38c6a3957ddc4bf0ae3QgAAAAbV91c2VyX2lkX0FORF9zZXNzaW9uX251bWJlcl9tZDVzIAAAADU4OTQ1ZDVhYmRmNjc5OWFlNjkwYjNjYjhmYTc3MjVmdAkAAABtX3VzZXJfaWRsAgAAACtbXA10FQAAAG1fYXV0aGVudGljYXRpb25fdHlwZXQIAAAAUEFTU1dPUkQw

When I base64 decode it: m½8ߎšw—vñ·7ñΚßÞ{u×8mý{t ���m_user_id_AND_session_number_md5s ���58945d5abdf6799ae690b3cb8fa7725ft ���m_user_idl���+[\ t���m_authentication_typet���PASSWORD0

You can see there a few plain strings and a hash: m_user_id_AND_session_number_md5s , m_user_idl , m_authentication_typet , PASSWORD0 , 58945d5abdf6799ae690b3cb8fa7725ft

��� is probably a seperator..

The hash is 33 chars long so it's not md5, but as you can see one of the plain strings says "md5". Why?

And what is that thing on the beginning: m½8ߎšw—vñ·7ñΚßÞ{u×8mý{t

EDIT:
I did get some differend LOGIN_INFOs with the same and with other accounts. The hash always ends with a "t". So we could try to remove it..

Also I can give you a more clear list of variables in that cookie:
null = "m½8ߎšw—vñ·7ñΚßÞ{u×8mý" (changes in a session change)
m_user_id_AND_session_number_md5s = "58945d5abdf6799ae690b3cb8fa7725f" (changes in a session change, 32 chars long, md5[?])
m_user_idl = "+[\" (changes in a account change, always same for the same account, 3 chars long)
m_authentication_typet = "PASSWORD0" (always the same)

EDIT2: milw0rm cracker didn't find any plain text from any of the hashes..

and you are at all suprised at this? Session id usually is an md5 hash of a bunch of data, time, random,userdata,...