

Harvesting email addresses surreptitiously - dangoldin
http://arvindn.livejournal.com/122550.html

======
randomwalker
I got the idea for this post when I looked at this:
<http://news.ycombinator.com/item?id=1036360> :-)

A further comment:

Suppose you implement this and lots of people are visiting your page, then you
may have a problem determining which visitor corresponds to which email
address, since each query to Google docs will return multiple addresses. One
way to get around that would be to create 10 documents; for each visitor,
embed a random subset of the documents. This way you can uniquely identify
visitors as long as you have fewer than 1024 visitors within a minute or two.

~~~
elcron
1023 if no documents are embedded you can't harvest their email address.

------
megamark16
I liked that single comment to the post:

"You just convinced me to not stay logged on to Google. Ever!"

So Chrome has a "New Incognito Window" option, what about a "New Anonymous
Window" option that would be like incognito but without any of your
sessions/cookies/whatever, like a seperate sandbox or something.

~~~
adamsmith
Incognito already runs without cookies or sessions, fortunately.

They don't even allow cookies within an incognito window.

~~~
pyre
I've been logged into GMail in an incognito window, and done a Google search
in another tab on the same window only to have my email address show up at the
top of the search as 'logged in' (same with Google Maps).

~~~
agl
All incognito windows share a profile, so share cookies etc. It's not the case
that each tab is a clean profile.

------
amalcon
I use a completely different browser to use things that require me to be
logged into Google. Just add this to the list of reasons to do that.

------
tyohn
Has anyone tested this? If it works it seems like a very interesting security
hole.

~~~
dangoldin
I plan on messing with it later tonight to see if works. I'll be the only
testing it though since no one ever visits my site =)

It seems like a pretty bad oversight on Google's part to allow this.

------
jsdalton
Is it really true that one can view a list of the _email addresses_ of the
logged in gmail users who are visiting a document one owns? I can see a list
of usernames of people actively viewing a document I own, but not email
addresses.

Because if so, that's the problem right there. It's not a security "design
flaw" of some kind -- it's a flat out failure of Google to protect the privacy
of its users -- and I have to imagine a violation of its privacy policy.

I don't know, maybe I'm missing something though.

~~~
olefoo
For google docs, usernames are email addresses.

~~~
jsdalton
I see.

It should be noted that this assumption is usually, but not always, true.

It's possible to create a google account with a non @gmail.com address (I have
two myself). I just tested and confirmed that Google Docs shows the local part
of the email address but not the domain.

So you couldn't be 100% sure that "john.doe" is john.doe@gmail.com, though it
would obviously be a pretty solid guess.

~~~
olefoo
That's interesting, I would like to know what percentage of Google accounts
fall into that category. I find the prospect of linking my casual browsing on
sites other than ones I have explicitly allowed being able to resolve my
identity for the site owner to be quite irksome. I would take steps against
any site that I discovered engaging in such practices on a regular basis.

Now looking for a chrome plugin similar to NoScript.

~~~
dangrossman
I have no Gmail address at all, yet I use quite a few Google Account services.
There's no requirement to have a Gmail account or use it as your Google
Account login.

------
ohashi
I think it's a pretty clever idea though a gross violation of privacy.

------
bliss
I'll admit to being worried about this, I stay logged into google most of the
time... I think I'll get used to hitting the logout button - probably good
general practice anyway

------
billybob
I just emailed the Gmail team to tell them.

~~~
est
I guess spreadsheets is a different team. Even the multi-user chat is using a
different gateway than gtalkgadget.

------
sambeau
Why?..

..please don't.

------
edw519
Run, don't walk, away from anything that involves the word "surreptitiously".
What may seem slick today may become a public relations nightmare tomorrow.

There are plenty of ways for good hackers to be successful while still being
open, honest, and forthright with everyone else. Don't be tempted to take a
shortcut that someone else might consider dishonest or underhanded. It just
ain't worth it.

~~~
randomwalker
I think you misunderstood the post. I wasn't suggesting anyone do this. I do
privacy research and I was pointing out what should be considered a security
hole in Google docs. I'm surprised it was confusing; I did use the word
"malicious."

------
tjoozeylabs
this would only be useful if u have bot

