Security Fears Over Google Accelerator
Espectr0 writes "A software tool launched by Google on Wednesday that speeds up the process of downloading Web sites (covered recently on Slashdot) has caused some users to worry about their privacy.
A ZDNet article discusses problems that users have been experiencing with the information that is cached by the software. On a Google Labs discussion group, one user said that 'I went to the Futuremark forums and noticed that I'm logged in as someone I don't know...'" Commentary also available on Signal vs. Noise and BlogNewsChannel.
Perhaps this is just Google's way of finding morelinks to add to it's search index? Imagine gathering millions of websites that it may not have indexed or found yet. All from links that users of the GWA have visited... possible?
Hmmm.
I found it a bit amusing that when I clicked the story link, the destination site, as well as three other sites, each attempted to save a cookie on my computer. Four cookies. To read a news story. That's necessary.
You probably shouldn't click this.
It doesn't just cache your cookies, it acts as a proxy that compresses the data as you browse, much like the ISPs that offer "high speed" compressed modem surfing.
-Jesse
Nothing says "unprofessional job" like wrinkles in your duct tape.
Has anyone read how google will deal with adsense clicks? Since all users of the accellerator will come from the same IP, will that IP decrease in value? (It's well known that the same IP can't just click again and again and generate revenue).
The business with appearing to be logged on isn't quite as serious as it sounds (although it is still bad).
The problem appears to be that you will sometimes be given a page that was personalised for someone else. However if you attempt to do anything from that page (for example if you find yourself looking like admin of a web board) you'll find that it doesn't work, any more than it would if someone emailed you a copy of a page where they were logged in as admin and you clicked on links (if you are on a website where doing that would work, you already have serious security problems). It also doesn't occur with SSL as google doesn't doing anything with SSL pages (as you would hope)
This is still a problem if that page shows something private of course, and should be fixed. (a password of course being the worst case, but how often do you see your actual passwords printed on a webpage?)
Combination - fun iPhone puzzling
lowtax of SomethingAwful makes some interesting points amidst all his fuming but I'll have to defer to the /. tech wizards to vet his technical claims.
I just deleted the accelerator from my system after trying it for the last day, and I must say that it is much less mature than most of the "Beta" products google releases. It caused several significant issues with Firefox on my system, including:
1. Links that open another window stopped working entirely (although they worked if I right-clicked and selected "open in new tab")
2. Even after closing all Firefox windows, a firefox.exe process would remain running, and prevent any new firefox windows from being opened until it was manually killed
3. "Proxy not available" errors when opening several pages at once, such as when using the Firefox "open in tabs" on a folder of bookmarks.
And I haven't even checked into some of these cookie / privacy issues. Perhaps these issues are unique to my system, but my environment is pretty vanilla... I just run a few of the more popular Firefox plugins. Removing the GWA cleared up all of the problems cited above.
Up to this point, I've always been very impressed with the level of testing that has gone into Google software products before they enter Beta. In this case, I'm not. Hope this isn't a sign of things to come.
-R
If it is prefetching everything, then I would have a problem with that, from a different perspective. That increases the amount of bandwidth used by fetching a lot of pages that might not be followed. That means increased bandwidth costs unless enough users use the system such that Google's caching means that it most of the given files are already in their cache.
Thats a common proxy bug, actually, and the person who we all "appear" to be logged in as at Futuremark is St34lthW4rrior, a guy I actually know. No, we aren't actually logged in as him--its simply how the page is cached, and as our school proxy causes this problem basically every day, I'm used to it. Just disable it for dynamic pages such as forums.
"How long has Google Groups been labelled Beta now, two years maybe? How many users does it have?"
So you would have them move it out of beta sooner? Not beta it? What's the solution you're proposing?
Are you saying that software that Google issues in beta should be bug free, or are you suggesting that Google, being a search engine and all, should be scraping all of the Web's most popular forums as their bug reporting mechanism?
I'm really not sure what you're proposing, here.