Saturday, January 15, 2005
New security flaw in Google’s price comparison engine, Froogle, was discovered by an Israeli hacker.
By embedding JavaScript in a URL pointing to Froogle, a hacker can gain access to the user’s Gmail account. The JavaScript redirects the browser to a malicious web site, where the hacker can read the user’s cookie, which contains personal information, such as purchase history, user name and password for Google services.
According to Nir Goldshlager, who discovered the flaw, even if the user chooses not to save the cookie, the hacker can still discover the user’s user name and password for other google services such as Google Alerts ,Google Group because google stores a unique number per user that identifies the user is other google services, and the hacker will be able to read this identification number.
Report was originally translated by aviransplace.com from hebrew,
Original report of the flaw in english format is here,
www.aviransplace.com/index.php/archives/2005/01/13/serious-flaw-in-froogle-reveals-gmail-accounts/
By embedding JavaScript in a URL pointing to Froogle, a hacker can gain access to the user’s Gmail account. The JavaScript redirects the browser to a malicious web site, where the hacker can read the user’s cookie, which contains personal information, such as purchase history, user name and password for Google services.
According to Nir Goldshlager, who discovered the flaw, even if the user chooses not to save the cookie, the hacker can still discover the user’s user name and password for other google services such as Google Alerts ,Google Group because google stores a unique number per user that identifies the user is other google services, and the hacker will be able to read this identification number.
Report was originally translated by aviransplace.com from hebrew,
Original report of the flaw in english format is here,
www.aviransplace.com/index.php/archives/2005/01/13/serious-flaw-in-froogle-reveals-gmail-accounts/
Friday, January 14, 2005
Google directory has been updated with dmoz dump, Google which uses dmoz directory has now updated its directory with latest dmoz data, Search Engine Genie which was recently acquired into dmoz starts appearing in certain datacenters of google directory,
Check this datacenter directory whether your site appears in google directory,
http://216.239.39.104/Top/
To check other google datacenters for SEO purposes just replace the IP address with the targeted IP of the datacenter you want to watch,
Check this datacenter directory whether your site appears in google directory,
http://216.239.39.104/Top/
To check other google datacenters for SEO purposes just replace the IP address with the targeted IP of the datacenter you want to watch,
