Google Blogoscoped

Forum

Google Buzz security flaw reported

Juha-Matti Laurio [PersonRank 10]

Wednesday, February 17, 2010
12 years ago2,043 views

"....
There’s four things of note here.
Firstly it’s on Google’s domain, not some other domain like Google Gadgets or something. So yes, it’s bad for phishing and for cookies.
Secondly, it’s over SSL/TLS (so no one should be able to see what’s going on, right?).
Third, it could be used to hijack Google Buzz – as if anyone is using that product (or at least you shouldn’t be).
And lastly isn’t it ironic that Google is asking to know where I am on the very same page that’s being compromised?
...."

http://ha.ckers.org/blog/20100216/google-buzz-security-flaw/

Juha-Matti Laurio [PersonRank 10]

12 years ago #

The vulnerability has been fixed now:

http://www.computerworld.com/s/article/9158218/Google_fixes_Buzz_bug

Forum home

Advertisement

 
Blog  |  Forum     more >> Archive | Feed | Google's blogs | About
Advertisement

 

This site unofficially covers Google™ and more with some rights reserved. Join our forum!