|
CONSUMER NEWS RECALLS COMPLAINT FORM SCAM ALERTS |
| Small Claims Guide | Class Actions | Lemon Law | FAQ | Resources | Newsletters | Spanish | |
|
|
![]() |
Google Anti-Phishing Feature Accidentally Reveals Too Much |
|||||
|
By Martin H. Bosworth January 23, 2007
Google's "Safe Browsing" feature warns users if a site they are about to visit is a "phishing" site, designed to purloin visitors' financial information for the benefit of hackers. Google keeps a "blacklist" of catalogued phishing sites available and regularly updates it, but Finjan's researchers found evidence of submitters' personal information being included on the list, without any privacy protection. "After examining the data provided in these files, Finjan found that sensitive user information was available on the web with no access protection, including emails, usernames, passwords and session tokens that could be used by hackers to compromise users' privacy," said Finjan's chief technology officer Yuval Ben-Itzhak in a statement. Google issued a statement saying that the offending data was removed, which Finjan independently verified. "We have removed this information from URLs in the blacklist and created a process whereby this information is automatically stripped from future URLs submitted by users," the company added. The story was initially picked up by Michael Arrington at the TechCrunch blog, and independently confirmed by San Jose, CA-based Finjan. The firm published pictures of the list, with the personal information redacted to prevent misuse. The current Google antiphishing list -- minus the offending data -- is still publicly available. Google's Safe Browsing system was incorporated both into the new Google Toolbar for Firefox, and the newest version of Firefox itself. When Firefox 2.0 was released in October, observers noted the potential privacy risk of sending information about visited sites to Google. Some critics said the incident was reminiscent of the massive AOL data breach, where researchers published the private search data of 600,000 subscribers, albeit on a much smaller and less damaging scale. Report Your Experience
|
|||||
Back to the top | |
||||||
Advertisement
|
Home |
Rogues Gallery |
Good Guys |
Complaint Form |
News |
Recalls |
Search |
Video |
FAQ |
|
Terms of Use Your use of this site constitutes acceptance of the Terms of Use
Copyright © 2003-2008 ConsumerAffairs.com Inc. All Rights Reserved. |