Uncategorized

Archived Posts from this Category

Fri 29 Jun 2007

Google groups security hole

Posted by omry under Uncategorized
1 Comment 

While managing my firestats-users google group, all the sudden I noticed I am logged in under a different user - Victoria from Washington D.C.
just like that, one moment I am under my own user, and in the next I am under Victoria’s user.
I could see what groups she is reading, send myself an invitation for one of her groups and even edit her profile(!).
I emailed her and Google about it.

Google, you messed up.

This is how it looks (a slightly censored version):
Google groups security hole

Update:
Google claim to have fixed it:

Thank you for contacting us. We’ve made some changes recently that should
have resolved the problem you reported in our discussion group. Please let
us know if this issue persists.

Regards,
The Google Team

 

Tue 19 Sep 2006

Spam poison

Posted by omry under Uncategorized
No Comments 

I bumped into a simple trick to poison the database of nasty spam crawlers.
a but the will bump into the spam posion link on the sidebar will get an endless suply of random email addresses, to his endless enjoyment.
spam posion