What I Learned Today

by James on July 19, 2011

Today I wrote my first blog entry on this site and I don’t think it could have been any bigger. It is going to be hard to top that one, but I also learned a few things:

  • That you can actually contact Google if you think there is a security problem see here
  • Responsible disclosure – it probably wasn’t best to go down the full disclosure route
The good news is that after speaking with the security team at Google they are fixing the vulnerability and are going to revert any changes that have been made by utilising this exploit when they are done. So all in all, poor method of disclosure but it got exactly the desired result.

{ 8 comments… read them below or add one }

Arjun Sandhu July 19, 2011 at 11:21 pm

Difficult one, if you hadn’t made the full disclosure, you probably wouldn’t have the same visibility as you did.

Rommel C. Caibal July 20, 2011 at 5:29 am

LOL Great news that it’s now resolved. Thanks for sharing. So, no fruit basket from Google? ;(

goobledidoc July 20, 2011 at 8:41 am

hey, just wanted to say: you are a very honest person. there are people out there (i know some of them .. especially in the pills, poker, travel, price comparison and insurance verticals) which would have paid thousands and thousands of good cash for this information, even if it would just work for a few weeks. search is big businesses – and this bug was a weapon of mass destruction.

KRONiS July 20, 2011 at 9:11 pm

So they’d BETTER put you in here!

http://www.google.com/intl/en/about/corporate/company/halloffame.html

:) @KRONiS

FromRUSSIAwithlove July 22, 2011 at 1:41 am

it quiet old trick anyway ..
maybe Google should HIRE your then !!!??? … One man who allmost brought down MIGHTY GOOGLE in 3 lines of code .. )) xa xa xa

Gwiz July 23, 2011 at 8:01 pm

You would be amazed how easy it is to talk to Google employees.
Great find though

Barrie July 25, 2011 at 12:20 am

Thanks for you awsome display of integrity, many people would have cause untold damage to honest working website owners.

Kittu July 26, 2011 at 6:57 am

Good job James!!

Leave a Comment

Previous post: