The Search Engine Professionals at Rank for $ales.com --- In business since 1997.
Back to our Homepage SEO Tips that will make a big difference in your rankings and our most popular ** How To ** section The most common myths about SEO -- Read what the experts have to say about today's most common SEO myths and misconceptions Frequently Asked Questions to Search Engine Optimization and Positioning Search Engine Optimization Industry News -- Stay in tune with the most recent developments in search engine technology and the SEO industry Contact Rank for $ales today and get your site's rankings high in the engines-- Right where they should be!

  SEARCH FOR:   CITY or STATE:

Search this site              Join the SEO Help Forum


Google patches security vulnarabilities in Google Base

November 22, 2005

Get the most dependable Linux or Windows Web hosting at the lowest cost. Domain names at only 99 cents for a whole year! Click here to learn more.

According to Google, it has repaired a security vulnarability in Google Base.

Google says the security hole could have exposed personal and sensitive data stored by users of Google's Base service.

The cross site scripting vulnerabilities discovered by British Computer Scientist Jim Ley would allow an attacker to steal cookies.

Additionally, there are other information that could be stolen from users, while providing fraudsters with the facility to publish their own forms and receive input using an apparently reassuring Google Base URL.

Google Base will spearhead the search giant's entry into classified advertising and payment processing, where it will compete with established offerings from eBay and CraigsList.

If it succeeds, Google Base will likely accelerate a trend which has seen a growing percentage of advertising dollars shift to the web and away from television, magazines and especially newspapers, which rely heavily on classified ads for revenue.

Why spend thousands of dollars to have your Web site built by someone else? Do it yourself and save a bundle! Learn more by clicking here.

Strong application security is important to gain user confidence in the service, as Google Base is eventually expected to integrate a micropayment system (presumably Google Payments).

Google's move towards a single Google Account for multiple services exacerbates the problem, as the same account used by the Google Base site can also be used to access financially sensitive services such as AdWords and AdSense, and Google's GMail webmail service.

Ley, who also recently found a similar security vulnerability in Yahoo Maps, says that there is a pervasive problem with companies releasing new applications on to the Web with easy-to-find vulnerabilities still present.

Too little thought is given to the consequences of such action, which in the case of an identity or data theft scenario on a very widely used service could be severe for a correspondingly large number of people.

The nature of the problems discovered by Ley provides fraudsters with the tools to create phishing sites with a good level of plausibility because the base URL would be that of a well-known brand - in this case Google or Yahoo.

This is the same in principle to that scenario whereby fraudsters try to find open redirects or cross site scripting vulnerabilities on bank sites to improve the authenticity of their frauds. The importance of testing to remove application vulnerabilities is proportional to the level of trust the public places in the service and the impact of this trust being broken.

There are a number of companies that provide a range of Internet security services for organizations that can eliminate these kinds of errors from their systems, including comprehensive application testing, training for developers and designers of web based applications, and an service aimed specifically at detecting and reporting Open Redirects.

Source: Netcraft


Increase your site traffic with a paid inclusion program Get your website listed in today's most powerful B2B search engine. Click here for all the details.

Read Serge Thibodeau's daily blogs on search engines at Serge Thibodeau Live. We strongly suggest you bookmark our web site by clicking here.

Get your business or company listed in the Global Business Listing directory and increase your business. It takes less then 24 hours to get a premium listing in the most powerful business search engine there is. Click here to find out all about it.

Rank for $ales strongly recommends the use of WordTracker to effectively identify all your right industry keywords. Accurate identification of the right keywords and key phrases used in your industry is the first basic step in any serious search engine optimization program. Click here to start your keyword and key phrase research.

Pay Rank for $ales securely with your Visa, MasterCard, Discover, or American Express credit card through the secure PayPal network. (Note: PayPal is an eBay company, and maintains a net free capital of US $ 50 Million).
VisaMasterCardDiscoverAmerican Express

You can link to the Rank for Sales web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in all the major search engines such as Google, AltaVista, Yahoo and all the others.

Sponsered by Link Rent                  Sponsored by Avantex          Traffic stats by Site Clicks™

 Site design by Mtl. Web D.         Sponsored by Press Broadcast         Sponsored by Blog Hosting.ca

Advertise on the Rank for $ales website and reach millions of website owners, business people and webmasters from all over the world. Click here for more information.

Home | SEO Tips | SEO Myths | FAQ | SEO News | Articles | Sitemap | Contact

Copyright © Rank for Sales 2003    Terms of use    Privacy agreement    Legal disclaimer

       Ce site est disponible en Français