In your post from Jan.16, "On Google Security", you focus on how HTML injection or cross-site scripting can lead to cookie theft and therefore a breach in your privacy/security.
There is another potential threat to security and privacy, which occurs not from cookie theft, but from simple access to a computer where somebody is already logged into a Google account. And given the growth of Google Services tied to a Google Account (as you rightfully point out), this frequency of such a situation when a computer is logged in quasi-constantly will sharply increase.
This creates a problem at least as important in my view, since people in your extended circle of family/friends/acquaintances are statistically the biggest threats for ID theft (source: NYTimes, Nov.13, 2006 – there is a link in my blog).
Your blog post mentioned this: >> Who’s really using Google Docs & Spreadsheets >> for important data? Well, I know some of us are, >> but not that many yet.
As this grows, so does the risk to people's privacy, as long as sensitive documents are not protected. However, there is a possible workaround to this problem (for Google Docs & Spreadsheets). I suggest checking out my blog entry for the illustrated concept: http://lepetitradiateur.blogspot.com/2007/01/suggestion-increased-security-in.html
|