April 23, 2007

Gadgets and Personal Data

User-generated gadgets have made personalized homepages a better place, because users can choose from a wider variety of content and even create their own gadgets if they have programming skills. But just because you see a gadget in Google's directory or elsewhere doesn't mean you have to trust it and hand over personal information or credentials.

Jason wrote a popular gadget that showed your MySpace alerts. Of course, the gadget required you to enter your MySpace username and password (ideally, MySpace should have an API for authentication and data).

"A few months back, a flaw was discovered whereby usernames were being passed in clear-text as a querystring parameter when using the gadget. As a result of Google's mechanism that caches web-content, a list of usernames on a phishing watchlist website was cached in Google's search index, thus making them publicly accessible. Once Google was alerted of the issue, they contacted me immediately. Google took action and removed the cached content from their search index, and I took numerous steps to strengthen the security of the gadget - and to mitigate any future risks. Google even went as far as to work with the operators of the phishing watchlist to remove my name and IP addresses from the suspected phishers list."

But people thought that the flaw was intentional and accused him of phishing. "Due to a common misconception that the Gadget was actually being used to facilitate phishing activity, I have decided to remove it permanently. This is a particularly difficult decision because of the large number of users and the popularity of this gadget."

Google shows a warning every time you add third-party gadgets, so you should be careful when you add gadgets from unknown sources. You should be even more careful when you enter personal data.

2 comments:

  1. Do not enter your password for an application from maker A into an application from maker B. Ever. Unless you're really brave...

  2. @phillipp: I agree. I don't even like to have Google or Yahoo aggregate my POP mail from other accounts. Separate logins are less convenient, but it's a reasonable diversification strategy for security and privacy.
