[nycphp-talk] [OT] Gmail security issue - avoid Froogle for a while?

inforequest 1j0lkq002 at
Mon Jan 17 14:48:29 EST 2005

Keith Richardson |nyphp dev/internal group use| wrote:

>hmm link is down... do you have a recap of what it said?
>On Sat, 15 Jan 2005 01:15:01 -0500, inforequest
><1j0lkq002 at> wrote:
>>Looks like a Froogle link can grab your personal info and access to
>>Google services data...

For clarity, there are reports it has been fixed (unconfirmed byme).

The original report is here (in Hebrew),,,00.html?CG=US&HU=/articles/0,7340,L-3031962,00.html
A second flaw fixed by google on the same day (but not the same issue) 
is here:,10801,98920,00.html
The slashdot coverage is here:

Since you are reading this via gmail, why doesn't google detect the 
context and insert a nice big banner ad that says "Froogle has been 
fixed! Gmail is safe! Be Happy!"... since they CAN.
(well, that's what I would do if I worked there)

-=john andrews

More information about the talk mailing list