Comments on: Google Calendar Security Notice

By: Is Google Calenda Secure? :Search Engine News

Is Google Calenda Secure? :Search Engine News — Wed, 25 Apr 2007 13:53:23 +0000

[...] Chris Pirillo has discovered that if you search for public documents in Googles online calendar, you will be presented with [...]

By: Login Credentials in Public Google Calendars « Know what is happening throughout the world

Tue, 24 Apr 2007 05:56:53 +0000

[...] Startup Meme and Chris Pirillo report that quite a few people have made login credentials of theirs public via Google Calendar event descriptions, which can now be found by searching for public events for e.g. “username password”. When you create a calendar with Google, you have the options “do not share with everyone” (default) and “share all information on this calendar with everyone” (which additionally triggers a confirmation dialog). However, when people add certain events to public calendars, it may be that they’ve forgotten they once made the calendar public. Maybe Google needs to put a more visible icon next to public calendars as a reminder, or always trigger a confirmation when you add an event to a public calendar, but this is not a Google Calendar security vulnerability – it’s user misconfiguration, similar to when you e.g. create a blog post with information that ought to be secret, and then someone searches Google for “password username”. [...]

By: Calgoo

Calgoo — Mon, 23 Apr 2007 22:15:01 +0000

We at the Calgoo office use Google Calendar for business purposes. After spending so much time with it its hard to imagine someone making this mistake. That said it is clearly a case of user eduction – or lack there of. The only problem is how far must one go to educate their users before some are turned off by feeling patronized.

- Calgoo
http://www.calgoo.com

By: Google Calendar Passwords in The Open, Google Antitrust case, and more Google News

Mon, 23 Apr 2007 20:49:05 +0000

[...] Google Calendar Security Notice Uh, guys… y’all gotta tell your friends not to store usernames and passwords in public documents – at least, not without protecting them with passwords themselves. More importantly, the last thing you want to do is set a reminder for yourself in Google Calendar and leave the login credentials in the reminder AND set it for public viewing. [...]

By: Mosuki blog » Google calendar: sharing gone wild!

Mosuki blog » Google calendar: sharing gone wild! — Mon, 23 Apr 2007 20:04:45 +0000

[...] We posted eight months ago about Google calendar’s lack of respect for private data. Chris Pirillo has a found a clever demonstration of this: just search for “user password” in public events, and you’ll come up with a huge list of usernames and passwords of all sorts. [...]

By: Greg

Greg — Mon, 23 Apr 2007 18:17:15 +0000

I think Google should probably notify folks. It’s not their fault, but they’d look bad if there were a hack.

By: Easton Ellsworth

Easton Ellsworth — Mon, 23 Apr 2007 15:56:02 +0000

Er, to elaborate – that’s both amazing and ho-hum – I mean of course there would be a great many uneducated or un-forewarned GCal users out there – but the sheer volume of it amazes me. Thanks for the heads-up Chris and Michael.

By: Easton Ellsworth

Easton Ellsworth — Mon, 23 Apr 2007 15:54:47 +0000

Dude.

By: Google Calendar Security Notice | TomCoyote

Google Calendar Security Notice | TomCoyote — Mon, 23 Apr 2007 14:09:29 +0000

[...] Via: Chris.Pirillo.com [...]

By: MAcsSNAcs

MAcsSNAcs — Mon, 23 Apr 2007 13:56:44 +0000

What I don’t understand is why the default isn’t private, and you change it top public if you want… Wouldn’t that be the easiest solution. I hate having to make private things private. I don’t use the calendar to share things… yet, just to keep track for myself.

By: Google Calendar Users Sharing Their Passwords | Marketing Pilgrim

Google Calendar Users Sharing Their Passwords | Marketing Pilgrim — Mon, 23 Apr 2007 13:14:43 +0000

[...] Chris Pirillo has a community announcement for anyone using Google Calendar. He warns that some users are inadvertently storing their usernames and passwords in Google Calendar, while sharing their calendar with the world wide web. Google has just created an enormous security problem. [...]

By: Bill

Bill — Mon, 23 Apr 2007 12:59:05 +0000

I’m failing to see how Google creates this problem. When people are dumb enough to put passwords on public documents, they get what they get. Perhaps Google could put a few more warnings up, though.

By: Bruce Boughton

Bruce Boughton — Mon, 23 Apr 2007 12:48:06 +0000

This reminds me of a recent spot on Virgin Radio here in the UK. Virgin Radio ran a competition where, if you revealed to them your work logon and password, you won a prize. Surprising numbers of people did! A similar experiment also showed people would hand over their logon and password for a free plastic biro pen! Madness!

By: Paul Stewart

Paul Stewart — Mon, 23 Apr 2007 12:25:33 +0000

It is interesting, for all the folks in the geek world who know how to do things for themselves, geeks are lazy/cheep to rely on free services ment for the brain dead. And because it is Google, friend of open source, free software (as in freedom,) the alternative to the MS Monopoly, savior to the average user, brilliant minds, you have to ask; Is it on purpose? Have we all learned our lesson? This hasn’t just happened to average users.

This is what Google thinks of you.

By: Metablogging.gr » Google Calendar: Προσοχή. Τεράστιο θέμα ασφάλειας

Metablogging.gr » Google Calendar: Προσοχή. Τεράστιο θέμα ασφάλειας — Mon, 23 Apr 2007 11:33:21 +0000

[...] Η είδηση από το blog του Chis Pirillo που μου υπέδειξε ο basileios. [...]