Severe security flaw of Google Buzz discovered
20 views
Skip to first unread message
Yao Ziyuan
Feb 26, 2011, 2:33:28 AM2/26/11
to Google Buzz Enthusiasts
Google advertises that Gmail users can be fully protected by HTTPS,
and we assume this is also true for Gmail's built-in feature, Buzz.
But I have discovered that a Buzz user's ISP can see his private
posts! (http://www.google.com/support/forum/p/gmail/thread?
tid=47b3e8bfa84c7a06&hl=en)
I have talked with Google employees via email and their support forum
and they said they were discussing a solution. But after weeks, no
action is taken.
Related Slashdot story:
http://yro.slashdot.org/submission/1482584/Severe-security-flaw-of-Google-Buzz-discovered
Related Google Buzz post for public awareness:
http://www.google.com/buzz/102291835965130378165/GfWdF9i82Nk
and we assume this is also true for Gmail's built-in feature, Buzz.
But I have discovered that a Buzz user's ISP can see his private
posts! (http://www.google.com/support/forum/p/gmail/thread?
tid=47b3e8bfa84c7a06&hl=en)
I have talked with Google employees via email and their support forum
and they said they were discussing a solution. But after weeks, no
action is taken.
Related Slashdot story:
http://yro.slashdot.org/submission/1482584/Severe-security-flaw-of-Google-Buzz-discovered
Related Google Buzz post for public awareness:
http://www.google.com/buzz/102291835965130378165/GfWdF9i82Nk
Alexander S. Kunz
Mar 2, 2011, 2:21:12 PM3/2/11
to google-buzz...@googlegroups.com
Hear hear: non-encrypted content is transmitted non-encrypted. Now, who would have thought that.
Excuse me while I LMAO.
Alexander.
Vladimir Kelman
Mar 2, 2011, 3:22:35 PM3/2/11
to google-buzz...@googlegroups.com
Problem is: it compromises security of encrypted content, because the same data is available through non-encrypted view.
Reply all
Reply to author
Forward
0 new messages