An unofficial blog that watches Google's attempts to move your operating system online since 2005. Not affiliated with Google.

Send your tips to gostips@gmail.com.

October 17, 2006

Who Wants to Post on Official Google Blogs?

Apparently there's a bug in Blogger that allows people to post on blogs even if they don't have the credentials. Ten days ago, Official Google Blog featured this post:

"Google Click-to-Call project cancelled

After concientiously considering, Google has decided not to continue with Google Click-to-call project. The project has been in the media on last days because of the notice of Google agreement with e-Bay. We finally consider click-to-call agreement with e-Bay a monopolistic aproach that would damage small companies in the CRM area.

This message has been translated using Google language tools."

Google's response was:
"A bug in Blogger enabled an unauthorized user to make a fake post on the Google Blog last night, claiming that we've discontinued our AdWords click-to-call test. The bug was fixed quickly and the post removed. As for the click-to-call test, it is progressing on schedule, and we're pleased with the results thus far."

Maybe the bug hasn't been fixed, because Blogger's Buzz blog has another strange post:
"Diary of a Crafty Chica: White Chocolate Sugar Skulls

i love these! it seems so obvious - replace the sugar with something you'd actually eat - but yet, what a surprise.

if i get around to it, i am totally making these for dia de los muertos this year.

it's not like i have any other projects right now - hahahahaha! along with finishing the toy box for my nephew by thanksgiving, and taking part in nanowrimo this year, which i promised a friend i'd do (and actually finish my novel? that would be shocking!) so yeah, there's not too much else going on ;-)

good thing i subscribed to CRAFT. in case, y'know, i get bored. hahahaha! man, i crack myself up.

back to work now. that was a nice crafty respite in a typically un-crafty day."

Either this is a bug or somebody found the passwords from Google blogs.

Related:
Google deleted... Google Blog

{ Via Blogoscoped. }

Update: the post has been deleted from Blogger Buzz.

4 comments:

  1. Official Google Blog fake post (in Bloglines)



    Blogger Buzz fake post (in Google Reader)

    ReplyDelete
  2. Why the switch to such a large, thin font, Ionut? Seems harder to read than before.

    ReplyDelete
  3. I Blogger employee accidentily posted to Blogger Buzz, instead of her personal blog:

    http://blog.outer-court.com/forum/72093.html#id72103

    ReplyDelete
  4. That is pretty crazy... Makes you really question the security of various blog programs. I have had a few situations in the past where I have experienced an unauthorized user accessing my site and creating unwanted articles... Not only that, but vital options were changed in our site's configuration files causing the site to be down for a few hours until the problem was corrected. It would be great to have help and allow people to contribute on your site... but I am learning that this is risky and there has to be a lot of trust in the relationship between the site owner and the contributors.

    I must say, that researching the user levels of Wordpress has helped me a lot in preventing attacks from happening on our site. I understand that this might not be as closely related because the sites you mentioned are on blogger.com. But I know that this is happening everyone and I don't know exactly how, but I do know that there are things that can be done to narrow down the possibilities... again for me, that was learning about the different user levels on Wordpress and executing them on the site.

    ReplyDelete