Comments on: Google Blacklist Contained Confidential Information

By: Gustavo riffo

Gustavo riffo — Wed, 15 Oct 2008 21:58:36 +0000

Given their reach and the speed with which people adopt their (perpetually beta) products, they need to have even more layers of process in place to guard against errors like this and the Ajax flaws from a few weeks ago. It’s not a case of “flawed humans”, but competing priorities: quality control vs. rush to market.

By: The 10 Commandments of Web | MakeUseOf.com

The 10 Commandments of Web | MakeUseOf.com — Sun, 14 Oct 2007 11:48:58 +0000

[...] to keep your personal info private it can always leak. It happened with AOL and it happened with Google, so it can happen with [...]

By: Real Infoware Pvt. Ltd.

Real Infoware Pvt. Ltd. — Wed, 21 Feb 2007 14:11:08 +0000

If your site is hacked and turns spammy, Google may need to remove your site. Before Google take any action about your site report to google spam report http://www.goog...spamreport.html and read Digital Millennium Copyright Act http://www.goog...e.com/dmca.html

By: Security Watch

Security Watch — Tue, 23 Jan 2007 13:06:12 +0000

Now what would be really interesting is to know if the phishers have been mining the anti-phishing tools for data…

By: Tara

Tara — Tue, 23 Jan 2007 11:04:48 +0000

Suppose it was one of *your* “standard” passwords exposed in that list – how many other accounts could that same password have been used to gain access to?

Can it be repeated enough? Do not reuse your passwords.

By: vs

vs — Mon, 22 Jan 2007 23:07:14 +0000

Google should’ve removed all options passed in URLs. That would’ve hidden most sensitive information.

By: nick99

nick99 — Mon, 22 Jan 2007 21:09:44 +0000

google is so powerful, it is almost scary

By: AS

AS — Mon, 22 Jan 2007 18:14:14 +0000

If use you use Gmail, they run phishing controls on incoming mail. It often gets false positives on Citibank emails.

I tried clicking the “Not a scam” button.

In order to unlock the email and display images, you must agree to send the entire contents of the email to Google’s anti-phishing team. You can’t see your own mail unless you wish to participate in their anti-phishing activities.

Given that the email was from a bank, I just said no thanks.

By: Codie

Codie — Mon, 22 Jan 2007 15:47:21 +0000

Would unchecking the option in the new google toolbar be a workaround for this problem?

By: Software Outsourcing

Software Outsourcing — Mon, 22 Jan 2007 10:35:22 +0000

Ya It’s true but google only index that page wich are linked from another page or website which easy to index or static link to that URL, It’s not new news it often happen. Because Google use robots not manual index and manual is not possible.

Jim
http://www.tatvasoft.com

By: Bess

Bess — Mon, 22 Jan 2007 09:13:19 +0000

If HIPAA find out, Google will have a lot more explaination to do.
http://www.hhs.gov/ocr/hipaa/

Why Google has so many beta products out there for months and years? When Google can finish the software release cycle?

By: Robin

Robin — Mon, 22 Jan 2007 07:29:57 +0000

This isn’t Google’s fault as such. The only way the information could have gotten there is by the user going to the phishing site, putting their details in, hitting submit, and then reporting it. So they’re screwed anyway.

People need to be reporting it earlier in the cycle, otherwise it’s too late anyway.

In the interests of niceness, Google could scan for obvious things like ‘pass’ in the GET parameters, but doing that automatically is never going to be 100%.

By: Survival Shows

Survival Shows — Mon, 22 Jan 2007 02:25:20 +0000

@8 Working agian.. come on google fix !

By: Matthew Berman

Matthew Berman — Mon, 22 Jan 2007 00:26:02 +0000

come on google, get with the program!

matt

By: Banduin

Banduin — Sun, 21 Jan 2007 23:32:38 +0000

It’s not the actual banks that were using GET requests, it was phishing sites, which I guess don’t care if that data gets out.

By: filix

filix — Sun, 21 Jan 2007 23:24:23 +0000

If this screenshot is only referring to GET requests, then it’s the banks fault to allow that info in the URL’s anyhow.

Otherwise, if their POST’s… oops. Google blunder indeed.

By: Jorge

Jorge — Sun, 21 Jan 2007 21:29:43 +0000

Wow…
Even MS never released its customers personal and financial information.

Let’s add that to the list of crap that Google has pulled in the past year alone, and Google comes out to being the Enron of the software industry, second only to SCO.

It’s a good thing Google doesn’t have any of my personal info…

By: Jasonwashere

Jasonwashere — Sun, 21 Jan 2007 20:53:25 +0000

I dont like the toolbar either. Google isnt a god…Its an overrated search engine in my opinion…..
But on the other hand I do own stock in them….haha

By: Noel

Noel — Sun, 21 Jan 2007 17:49:30 +0000

@10 that’s a great term – “stupidness Police” – I broke out laughing at that one! Sounds like the makings of a comic book or cartoon series.

By: helio9000

helio9000 — Sun, 21 Jan 2007 17:33:27 +0000

I remember reading a bit about how the TOS for the google phishing filter stated that personal information might be collected and sent to google but no one cared because google is infallible and all.

By: PohEe.com

PohEe.com — Sun, 21 Jan 2007 15:42:05 +0000

As I know, IE7 has this anti phishing feature. how can firefox is slower than IE. Google must improve this. Don’t lose out to MSN/LIVE. Anyway, my country malaysia had alot of phishing cases. One example is happens on our leading internet banking site, http://www.Maybank2u.com. The phishing guy was hosting their server in Russia. Due our stupidness Police, they can do nothing on them because their technology is 10 years behind other country. When phishing happens, they only wiki the meaning of phishing. kakakkaka. If you wan to test out phishing activity, come to my country. Use it as the test bed. I am confirm you will success.

By: Sprague Dawley

Sprague Dawley — Sun, 21 Jan 2007 15:10:40 +0000

By: Ronin

Ronin — Sun, 21 Jan 2007 15:09:26 +0000

403 Forbidden now.

By: Jojo

Jojo — Sun, 21 Jan 2007 12:36:32 +0000

Old news … I read that somewhere last year. Of course shame on Google for not doing something against it.

By: SearcH EngineS WeB

SearcH EngineS WeB — Sun, 21 Jan 2007 12:33:12 +0000

Which goes to show you,

you can seek out and hire only the BEST ENGINEERS &DEVELOPERS in the world – out of thousands of highly qualified applicants….

But in the end, despite all the hype and mysticism….. we are All Still Flawed Humans