This is uncomfortably close to the way I imagine a glitch from something like a FOXACID exploit might look, and youtube is a known exploitable service. Maybe I need to get someone more skilled than myself have a close look at this machine.
Knowledgeable people here, would you please comment if there's reason to rule out concerns about this.
No "knowledgeable people" can rule out anything. You must consider any machine that is connected to any network compromised, if you have anything "sensitive" on there. You have to define for yourself what "sensitive" means.
This is a fair point, but I find that in practice I usually need something more like a probability assessment to act on, or better information about mechanisms.
Disambiguating information such as 'the flash component reloading normally occurs under condition X and Y, you guys may have been compromised but you'll have to decide if that's more plausible than X or Y' or technical constraints like 'to pull off exploit delivery that way an attacker would have to P, Q and R. If they did it should leave traces in S which you could try to check by doing T' would be a real help.
I'm certainly not disagreeing in theory with taking a pessimistic view on the security of any networked machine, but unfortunately that's way too restrictive as basis for action in most situations.
