Google Calendar Security Notice

view blog [IMG]

sont évidemment les premiers renseignements à obtenir pour entamer une étude. Parmi les fuites ainsi obtenues, il semble que des rendez-vous à haut-niveau de la banque JP Morgan Chase aient été exposés.” An issue Chris Pirillo had blogged about last April. Posted: June 21st, 2007 under General. Comments: none

[...] tu password en un calendario público… 22 Abril, 2007 Posted by jlrevilla in Pensando. trackback Leyendo a Chris Pirillo me entero que si uno pone “user password” en la caja debúsqueda de Google Calendar y luego le da click a “Buscar eventos públicos” puede encontrar una lista de usuarios y claves de diferentes cosas… [...]

[...] Google Calendar security issue. [...]

I’m actually curious about why I’ve seen so little mention of another Google issue: I recently noticed that Google parses the text of emails sent to me, and feeds me ads based on what is supposed to be private text. Apparently. nothing in a Google app can be assumed to be private. And in future I’ll use gmail only for what I’m content for the world to see.

[...] Google Calendar security issue. Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages. [...]

[...] [via] Tags:Calendar google Security [...]

Ok, so the nice guy in me wants to email each of these folks to tell them about having their charge card info on their calendar. Gads. The other side of me wonders if I could be charged with “hacking” if I point this out to the individual?

In the age of Identity Theft and generalized paranoia about protecting sensitive information people are saving passwords in public calendars. Priceless. You should’ve worked “common sense” into the title of this post. What’s even more amusing to me is that the person who reported this to you blamed it on Google.

Do you think that there is any way to really educate the average user out there on basic steps that they can take to protect their personal information online? IT Professionals educate people in the workplace, they blog, they podcast, they submit articles to mainstream publications and still so many people (as evident by the search you describe) seem to be in the dark about basic security. What else can be done to educate people?

[...] A rivelarci la, drammatica, notizia è stato Chris Pirillo che tra l’altro spiega anche, con dovizia di particolari, come utilizzare il servizio di Google per spiare gli appuntamenti incriminati. PUBBLICITÀ PUBBLICITÀ postato da Fullo il lunedì 23 aprile 2007 in: [...]

[...] Chris Pirillo writes about a security issue in the latest Google Calendar feature, which lets you search for public events directly from Google Calendar. It is not a security breach, but it is a problem, because many users seem to leave their user names and passwords in their reminders. [...]

[...] via [...]

[...] Η είδηση από το blog του Chis Pirillo που μου υπέδειξε ο basileios. [...]

It is interesting, for all the folks in the geek world who know how to do things for themselves, geeks are lazy/cheep to rely on free services ment for the brain dead. And because it is Google, friend of open source, free software (as in freedom,) the alternative to the MS Monopoly, savior to the average user, brilliant minds, you have to ask; Is it on purpose? Have we all learned our lesson? This hasn’t just happened to average users.

This is what Google thinks of you.

This reminds me of a recent spot on Virgin Radio here in the UK. Virgin Radio ran a competition where, if you revealed to them your work logon and password, you won a prize. Surprising numbers of people did! A similar experiment also showed people would hand over their logon and password for a free plastic biro pen! Madness!

I’m failing to see how Google creates this problem. When people are dumb enough to put passwords on public documents, they get what they get. Perhaps Google could put a few more warnings up, though.

[...] Chris Pirillo has a community announcement for anyone using Google Calendar. He warns that some users are inadvertently storing their usernames and passwords in Google Calendar, while sharing their calendar with the world wide web. Google has just created an enormous security problem. [...]

What I don’t understand is why the default isn’t private, and you change it top public if you want… Wouldn’t that be the easiest solution. I hate having to make private things private. I don’t use the calendar to share things… yet, just to keep track for myself.

[...] Via: Chris.Pirillo.com [...]

Dude.

Er, to elaborate - that’s both amazing and ho-hum - I mean of course there would be a great many uneducated or un-forewarned GCal users out there - but the sheer volume of it amazes me. Thanks for the heads-up Chris and Michael.

I think Google should probably notify folks. It’s not their fault, but they’d look bad if there were a hack.

[...] We posted eight months ago about Google calendar’s lack of respect for private data. Chris Pirillo has a found a clever demonstration of this: just search for “user password” in public events, and you’ll come up with a huge list of usernames and passwords of all sorts. [...]

[...] Google Calendar Security Notice Uh, guys… y’all gotta tell your friends not to store usernames and passwords in public documents - at least, not without protecting them with passwords themselves. More importantly, the last thing you want to do is set a reminder for yourself in Google Calendar and leave the login credentials in the reminder AND set it for public viewing. [...]

We at the Calgoo office use Google Calendar for business purposes. After spending so much time with it its hard to imagine someone making this mistake. That said it is clearly a case of user eduction - or lack there of. The only problem is how far must one go to educate their users before some are turned off by feeling patronized.

- Calgoo
http://www.calgoo.com

Startup Meme and Chris Pirillo report that quite a few people have made login credentials of theirs public via Google Calendar event descriptions, which can now be found by searching for public events for e.g. “username password

s released). At $750, the N95 is only for the rich, nerdy and bleeding-edge adopters. It does a lot of stuff, but not enough to justify that price tag, at least in my book. [5thirtyone] Chris Pirillo discovers a flaw in Google Calendar and tells the entire world about it. Well, as Chris says, it’s not so much a security flaw on Google’s part than it is a case of users not being smart. Just do a search for public events on Google Calendar with the string

the login credentials in the reminder AND set it for public viewing. (Editor’s Note: I did a search on Google’s public calendar system and indeed found an enormous amount of usernames and passwords for a lot of things. You’ve been warned!)” - Google Calendar Security Notice ~ Chris Pirillo

Google Calendar Security Notice

Kezdjük azzal, hogy amikor Chris Pirillo ma betwitterezte a postját, én lazán nem hittem el a sztorit. Aztán, amikor - minden formállogikát és ésszerűséget eldobva - rá mertem keresni végre a Google Calendarban a “user password” kifejezésre és rányomni a Search Public Events gombra, akkor esett le, hogy

[...] Startup Meme and Chris Pirillo report that quite a few people have made login credentials of theirs public via Google Calendar event descriptions, which can now be found by searching for public events for e.g. “username password”. When you create a calendar with Google, you have the options “do not share with everyone” (default) and “share all information on this calendar with everyone” (which additionally triggers a confirmation dialog). However, when people add certain events to public calendars, it may be that they’ve forgotten they once made the calendar public. Maybe Google needs to put a more visible icon next to public calendars as a reminder, or always trigger a confirmation when you add an event to a public calendar, but this is not a Google Calendar security vulnerability – it’s user misconfiguration, similar to when you e.g. create a blog post with information that ought to be secret, and then someone searches Google for “password username”. [...]

[IMG]Lo segnala catepol via Twitter, e ovviamente corro a vedere. A quanto pare la gente non ha ancora compreso appieno il significato del termine “pubblico”, e ha la tendenza a memorizzare le cose sbagliate nei posti sbagliati. Se infatti andate su Google Calendar e cercate, nei

The best place to store your passwords is in your head. Second best is on a little piece of paper that is securely hidden and would not mean anything to any person that might happen to find it. Security first online! Read | Permalink | Email this | Comments [IMG]

My del.icio.us [IMG RSS] Schwippy » Making Thumbnails Automatically in Photoshop Google Calendar Security Notice ~ Chris Pirillo Tricks of the Trade: Retired Keystroke the Carriers | Brand Name Coupons

My del.icio.us [IMG RSS] Old Post Alert | alexking.org Schwippy » Making Thumbnails Automatically in Photoshop Google Calendar Security Notice ~ Chris Pirillo Tricks of the Trade: Retired

Comments to 619-342-7365 e-mail to geeknews@gmail.com Next Tech Podcast Round Table Saturday April 28th Announcing Podshack Listener Links: Vista Failure Was Cho Taught to Hate Sony DRM Show Notes: Google Calendar Firefox on Mac’s Fallen Angel Blubrry Partners with Talkshoe Soyuz Home Safe MacBook Hacker US Broadband Rank Drops Radio Listening Down PhotoBucket back on MySpace Time Warner and Fon Amazon DRM Free

Chris Pirillo

The Google Mac Blog was hacked this weekend, at least the second time an official Google blog has been hacked. It was restored fairly quickly. In somewhat related news, Chris Pirillo noticed Google Calendar users storing their private passwords in their public calendars. Click to continue reading… [IMG ] [IMG ] [IMG ] [IMG ] [IMG ] [IMG ] [IMG ] [IMG ] [IMG ] [IMG ] [IMG ] [IMG ] [IMG ]

Two days ago, Chris Pirillo warned about usernames and passwords being exposed in Google Calendar. The security hole still seems to exist, I just tried the search. I also just got an email from The Google Team entitled “Google Apps Status Alert: Maintenance upgrade for Google Calendar on April 26th

[...] Chris Pirillo has discovered that if you search for public documents in Googles online calendar, you will be presented with [...]

Comments to 619-342-7365 e-mail to geeknews@gmail.com Next Tech Podcast Round Table Saturday April 28th Announcing Podshack Listener Links: Vista Failure Was Cho Taught to Hate Sony DRM Show Notes: Google Calendar Firefox on Mac’s Fallen Angel Blubrry Partners with Talkshoe Soyuz Home Safe MacBook Hacker US Broadband Rank Drops Radio Listening Down PhotoBucket back on MySpace Time Warner and Fon Amazon DRM Free

Venerdì 1 Giugno 2007 Jackal [11:05:47] La notizia è vecchia, ma guardando dentro al mio google notebook è risaltata fuori. Google Calendar Security Notice Con Google Calendar è possibile rendere pubblici alcuni eventi o appunti presi. Alcuni UTONTI pensando a qualcosa di privato hanno reso pubbliche alcune note pensando forse che solo i colleghi o chi conoscesse il link potesse vedere i dati.