More thinking about GDS. When I read Stefanie’s short piece on Google fixing the security flaw in GDS, it rang another bell. How much does this sound like the drumbeat of stories we’ve heard about Microsoft over the past few years? Change the names, and it’s spooky. Welcome to the OS world, Google.
According to a report posted to the Bugtraq Security Focus list on Wednesday, (insert target company name here)‘s new (insert target company application name here) tool did not prevent a hacker from inserting JavaScript, a programming language, into the Web address of its page image, or logo. That vulnerability could have allowed any rogue third party to change the appearance of (insert target company name here)‘s Web page to ask for personal data such as credit card numbers from its visitors, what’s known as a phishing scam, according to the warning.
(insert target company location here)-based (insert target company name here) said it has fixed the problem.