January 21, 2007

Google Blacklist Contained Confidential Information

Internet security firm Finjan will confirm on Monday that Google’s much-discussed anti-phishing blacklist contained confidential usernames and passwords of individuals, including credentials for accounts at banks and other financial institutions. See the screen shot below for an example - click for a larger view.
Google’s current anti-phishing blacklist, which has no access protection, is here. It’s It used by the Google Safe Browsing for Firefox extension which is now part of the Google Toolbar for Firefox, according to Michael Sutton, who has spent some time analyzing it.

No comments: