php0t wrote:
> How exactly does such data get captured? Somebody placed a link
>
Well the poster of the password link would've done better explaining how
goog mines the data instead of easily disclosing valid e-mail passwords.
This shows yet again how crucial it is to use throw-away passwords that
you can use for badly coded web sites that disclose passwords plain-text
in the URL.
It's not really Googles' fault if some people don't know how
web-security basics work. They grab the web, crawl it hideously and find
all of it, including sensitive data.
As to whether the Blacklist should be public or not is up to personal
believes. I for one think that it should be publicly available to have
at least a good static reference of the most commonly used phishey sites...
thanks for the fish and
Goodbye!
Steve
> somewhere with the url having the user/password in it ? What would be
> the point of that? And if not, where did that come from? I peeked at
> http://www.google.com/tools/firefox/safebrowsing/faq.html to learn more
> but it only has obvious info.
>
--
__o | Steve Clement - Unix System Administrator
_ \<,_ | Current Location: Luxembourgr/Europe
(_)/ (_) | "Work to Eat, Eat to Live, Live to Bike, Bike to Work"
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Received on Jan 03 2007
Intro
