TechCrunch
January 21, 2007
By Michael Arrington
Internet security firm Finjan will confirm on Monday that Google’s much-discussed anti-phishing
blacklist contained confidential usernames and passwords of individuals,
including credentials for accounts at banks and other financial institutions.
See the screenshot below for an example.
Google’s current anti-phishing blacklist, which has no access protection, is here.
It’s used by the Google Safe Browsing for Firefox extension,
which is now part of the Google Toolbar for Firefox, according to Michael
Sutton, who has spent some time analyzing it.
Google has not publicly discussed the error, although they quietly removed
the offending data. They have, however, acknowledged it in email correspondence
with Finjan, which was forwarded to me. Google has since removed the confidential
data.
This is nowhere near as serious an issue as the AOL search data released
in August 2006. However, a public statement by Google on the issue is warranted,
along with confirmation that they have attempted to contact the affected
individuals.