Google Firefox data hole
p2pnet.net News:- Data for Google’s Firefox Safe Browsing extension were, for a period of time, wide open on Google’s servers, says a security company.
The story was initially picked up by TechCrunch’s Michael Arrington and independently confirmed by Finjan, says ConsumerAffairs.
“Finjan became aware of the problem after examining a publicly available list of URLs provided from Google’s servers,” says Finjan CTO Yuval Ben-Itzhak.
“After examining the data provided in these files, Finjan found that sensitive user information was available on the web with no access protection, including emails, usernames, passwords and session tokens that could be used by hackers to compromise users’ privacy.”
The data could have been used to compromise user privacy, “and could even have been used for identity theft or financial profit (as users generally have a single ‘web’ password for most of their online accounts),” says Finjan.
“We have removed this information from URLs in the blacklist and created a process whereby this information is automatically stripped from future URLs submitted by users,” ConsumerAffairs has Google saying.
Google’s Safe Browsing system was incorporated both into the new Google Toolbar for Firefox, and the newest version of Firefox itself, says the story, adding:
“When Firefox 2.0 was released in October, observers noted the potential privacy risk of sending information about visited sites to Google.
“Some critics said the incident was reminiscent of the massive AOL data breach, where researchers published the private search data of 600,000 subscribers, albeit on a much smaller and less damaging scale.”
The current Google antiphishing list, cleaned up, was still online this morning.
Also See:
ConsumerAffairs – Google Anti-Phishing Feature Accidentally Reveals Too Much, January 23, 2007
Finjan – Finjan Reconfirms Google’s Anti-Phishing BlackList Exposed Confidential User Information, January 22, 2007