Major Google Web Accelerator Security Issue

By tajddin
in Site & Forum Issues

 Share

Recommended Posts

Enthusiast

YaKaLeDo

Posted
Posted

It seems that Google is expecting that every web page that asks for a login and password to be SSL secure.

Which just makes sense.

I understand that most forum software don't use SSL.. I don't know how feasible is that, but maybe they should.

Mentor

RootWind

Posted
Posted
Wow, now that's a beta issue if I've ever heard of one! :blink:

Well, this is definitely a slip in their QA procedures.

Their programmers are generally good though. Look at google.com, Gmail, Google Maps, and so on. :)

I'm not sure of what "conspiracy" you're talking about, when it has to do with users logging into forums with another guy's account?

585880380[/snapback]

Well, they have been hiring a boat-load of people in recent months. Might be beginning to fall under the "current structure doesn't fit that many workers" category.

Collaborator

EddieZ

Posted
Posted

WARNING!

Do NOT use any online/electronic/internet banking or credit card purchases with this 'web accellerator'. All the information that is needed tot deduce algorithms and the cardnumbers (including the security numbers) are present in the stored cache.

Grand Master

Tim Dorr Veteran

Posted
  • Veteran
Posted
WARNING!

Do NOT use any online/electronic/internet banking or credit card purchases with this 'web accellerator'. All the information that is needed tot deduce algorithms and the cardnumbers (including the security numbers) are present in the stored cache.

585881200[/snapback]

If it's done on an HTTPS site, then it's not cached at all.

Grand Master

NienorGT

Posted
Posted
WARNING!

Do NOT use any online/electronic/internet banking or credit card purchases with this 'web accellerator'. All the information that is needed tot deduce algorithms and the cardnumbers (including the security numbers) are present in the stored cache.

585881200[/snapback]

WHAT???

Hopefully I don't use that junk...

But i'm sure that Google will be sued for this... I hope so...

Man... even if it's a stupid Beta...

It violate all privacy / security laws...

Proficient

XPGoD

Posted
Posted
If it's done on an HTTPS site, then it's not cached at all.

585881227[/snapback]

But some sites... are retarded. UMB Bank has a way you can log in to your account minus all the HTTPS until your staring at your bank info...odd yet true. Hackers usually don't go after the "pot" of info without first getting slivers. Enough slivers presents a whole piece.

Most people for some reason become moronic when creating passwords to things later used for secure purposes/personal use. The odds of getting a forum password, versus that a bank.... As you know, the ideas are endless.

Beings that each time I post, no one posts after, yet reads.... oh well eh?

Grand Master

John Veteran

Posted
  • Veteran
Posted
Doesn't surprise me, as with any new software they're going to be problems.

585881938[/snapback]

This is far more serious than some sort of "bug" that one would expect in pre-release (beta) software. Google decided to have the tool cache cookies. WHY? "For performance reasons". Bull****. There's no reason whatsoever to cache cookies from one machine and spread them to thousands of other machines. The whole concept of a cookie is to store unique information about a user or machine. Google has just made cookies a massive, worldwide security issue with this decision to "cache" (read: share) cookies.

Collaborator

nickg78

Posted
Posted (edited)

Being a beta version isn't an excuse for such problems. Performance reasons isn't an excuse either. I believe they should remove this software from their page, untill they fix it and they remove the cookies remote caching "feature".

Edited by nickg78
Grand Master

Bhav

Posted
Posted
Being a beta version isn't an excuse for such problems. Performance reasons isn't an excuse either. I believe they should remove this software from their page, untill they fix it and they remove the cookies remote caching "feature".

585882185[/snapback]

:yes: agree completely.

Grand Master

Doli

Posted
Posted

Where are the "ill follow Google into hell" fans now? i dont really buy this researchware stuff, spyware with a friendly name.

well Google made a bad bobo, they will fix it but broadband should be fast enough without it, do you really need it? you were fine before it

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • VS Code 1.123 introduces massive upgrades for persistent AI developer workflows

      By binaryzero · Posted

      Niiice
    • Tor Browser 15.0.15

      By Copernic · Posted

      Tor Browser 15.0.15 by Razvan Serea Protect your privacy. Defend yourself against network surveillance and traffic analysis. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody from watching your Internet connection and learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked. The Tor Browser Bundle lets you use Tor on Windows, Mac OS X, or Linux without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained. Tor Browser 15.0.15 changelog: All Platforms Updated NoScript to 13.6.20.1984 Updated Tor to 0.4.9.9 Bug tor-browser#42436: Allow for multiple configured (front, reflector) domain fronting pairs in Moat module Windows + macOS + Linux Bug tor-browser#44997: Captcha doesn't work in TB desktop Linux Bug tor-browser#44886: Backport tor-browser#44361: Notify Linux i686 users that they won't receive updates anymore Download: Tor Browser (64-bit) | Tor Browser (32-bit) | 109.0 MB (Open Source) View: Tor Browser Website | Other Operating Systems Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • AV2, successor to popular YouTube, Netflix, Amazon codec AV1, has a hard battle ahead

      By Nas · Posted

      Less disk space means less bandwidth demands which means lower operating costs for service providers... that's where money talks. ... cuz it's not about improving video quality!... that's just marketing spin.
    • AV2, successor to popular YouTube, Netflix, Amazon codec AV1, has a hard battle ahead

      By Nas · Posted

      And thereby lies the rub. AV1 support is not as wide as paid analysts would have the industry believe. With AV2 around the corner, it's going cause more time backlog in adoption (how many recent purchasers will upgrade yet-again within the next 6-12 months? most would rather stay pat for another 1+ years before even thinking about upgrading their setups).
    • Microsoft OneDrive is getting a simple yet much needed feature

      By hellowalkman · Posted

      Microsoft OneDrive is getting a simple yet much needed feature by Sayan Sen Microsoft has been steadily expanding OneDrive’s file management capabilities over the years, including for shared content and shortcuts, although it has had its flaws, too. The cloud storage platform introduced support for folder shortcuts several years ago, allowing users to pin frequently accessed shared folders from OneDrive, SharePoint, and Teams. Now, Microsoft is refining that experience further with a new way to organize those shortcuts as revealed in a recent Microsoft 365 roadmap addition. Previously, shortcuts added through the “Add shortcut to My files” option would appear alongside all other files and folders in the root of a user's OneDrive. And although it's meant to be useful, this approach could also create clutter along the way, especially for heavy users who may have to work with large numbers of shared folders across multiple projects and teams on their systems. This is where Microsoft’s latest feature comes in, as it is looking to address this inconvenience by giving users the option to place new shortcuts inside a dedicated “Shortcuts” folder instead. The feature is designed to keep shortcut links organized into a single location instead of scattering throughout the main OneDrive directory. Hence, the idea is to make navigation and usability easier and simpler. The first time a user chooses this option, OneDrive will automatically create the folder, and to help make it stand out from the other folders, the Shortcuts folder will have a distinct visual identity featuring a unique color and a building-style icon. That being said, the new Shortcuts will behave just like any other folder in OneDrive, and as such, users will be able to move it to a different location, rename it, share it with others, or remove it entirely if they prefer a different structure. You can view the entry on the Microsoft 365 roadmap website here. Currently, the feature is in the "in development" phase, but the tech giant expects the rollout to start next month (July 2026). Do keep in mind, though, that new feature rollouts often get delayed.

  • Recent Achievements

    • One Month Later
      B2Proxy earned a badge
      One Month Later
    • One Year In
      MadMung0 earned a badge
      One Year In
    • Week One Done
      jefred earned a badge
      Week One Done
    • Apprentice
      JoeyNeo went up a rank
      Apprentice
    • Week One Done
      oliviaexpo earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      482
    2. 2
      PsYcHoKiLLa
      227
    3. 3
      Skyfrog
      71
    4. 4
      FloatingFatMan
      60
    5. 5
      Nick H.
      54
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!