Google Calendar Flaw Exposes Any Gmail User’s Real Name

by admin July 17, 2008 at 2:48 pm

Exploit reveals the ugly side of keeping data in the cloud

A bug found in the Google Calendars beta exposes the real name of anyone registered with a Gmail account.

Originally posted at the Securiteam blog, the bug allows anyone with a Google Calendar account to reveal other Gmail account holders’ (registered) real names simply by hitting the “back” button after sending an invite.

Internal testing by DailyTech finds that the bug is still active at the time of this writing.

Worse, reveals Canadian blogger Holden Karau, is that the bug works for any account in Gmail’s system, including private Gmail accounts operating under other domains.

Full story: dailytech.com