Google Blacklist Contained Confidential Information - UPDATE
Michael Arrington writes on TechCrunch:
Internet security firm Finjan will confirm on Monday that Google’s much-discussed anti-phishing blacklist contained confidential usernames and passwords of individuals, including credentials for accounts at banks and other financial institutions.More here.
Google’s current anti-phishing blacklist, which has no access protection, is here. It’s used by the Google Safe Browsing for Firefox extension which is now part of the Google Toolbar for Firefox, according to Michael Sutton, who has spent some time analyzing it.
Google has not publicly discussed the error, although they quietly removed the offending data. They have, however, acknowledged it in email correspondence with Finjan, which was forwarded to me. Google has since removed the confidential data.
UPDATE: 15:13 PST: InfoWorld now has a detailed description of the incident here.
posted by Fergie @ 1/22/2007 11:04:00 AM
0 Comments:
Post a Comment
<< Home