Google Base Fixes Security Bug
Google Base has reported that they have fixed a security issue with the functionality of this new service. This security flaw allowed attackers to steal sensitive information from users of the new content-hosting service. Google fixed the flaw within hours of its discovery though has failed to impress the security experts.
This flaw allowed hackers to steal cookies and other information from Google Base users. In addition, the hackers were also able to embed fraudulent forms within Google Base Web pages. This flaw is technically referred to as a cross-site scripting vulnerability, which is not new for such web services. Google Search Engine and Yahoo! Maps have also suffered from this flaw in the past.
A security analyst Jim Ley who was the first to discover the bug is not amused and claims that the flaw was due to poor programming and implementation on behalf of Google. He also claims that the search engine giant probably did not conduct any security study of their new service before launching it in beta to the general public.
Google on their part does not release much information on the flaws discovered or fixed in their various services. They have also declined to comment on the discovery of this particular flaw. Many more security experts have blasted the company for not taking security too seriously in their new services. Even, Gmail was reported to suffer from a big security bug, which went unfixed for a couple of months.
–
Sushubh Mittal, Tech Columnist and Resident Opera User – Sushubh Mittal, the Editor of TechWhack is a self described tech freak who loves to test out software and criticize the flaws in them.
