Google has acted quickly to patch a flaw in the newly-released Presentations online tool that allowed everyone viewing a presentation to collect the e-mail address of everyone else viewing the same page.
Nathan Weinberg at Inside Google sure can write a dramatic blog entry. For instance, in this one on Google closing a security flaw in its new Presentations feature of Google Docs, he starts out with a screen capture of e-mail addresses that were leaked through that flaw. Of course, the addresses are obscured. It's a graphically appealing but very scary image.
Weinberg explains what happened:
"Google Presentations has a chat feature, based on Google Talk technology, that lets people chat while viewing a presentation. I embedded a presentation here, as did Matt Cutts on his blog, and a number of people linked to it. Everyone who went to that Presentation and logged into their Google Account to chat gave their e-mail address to me and to every other visitor to the chat, without even knowing it.
"The reason is that Presentations logs your chats, just like Google Talk does, and those logs appear in your Gmail Chat folder. While the chat window in the presentation doesn't list e-mail addresses, the logs do, and almost everyone gets them automatically."
Apparently, the breach was live for about 15 hours before it was closed, he says.
A Google representative provided this statement when asked for comment: "We take our users' privacy and security very seriously. We acted quickly when we discovered this bug and delivered a fix: e-mail addresses are no longer archived during presentation chat sessions."
Nevermind this, what about the outages Gmail has been having all day today? Bloody annoying