
How a Simple Hack Can Turn Numeric Google Profile URL Back to a Gmail Address - alexandros
http://www.readwriteweb.com/archives/hacking_google_profile_gmail_email_addresses.php?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+readwriteweb+%28ReadWriteWeb%29&utm_content=Google+Reader
======
vaksel
You can use it to find Eric Schmidt's email:

<http://picasaweb.google.com/109938146389129062343>

I doubt it's his real one though

~~~
jorgeortiz85
All I see now is:

 _We're sorry, but your computer or network may be sending automated queries.
To protect our users, we can't process your request right now._

Maybe it was his real address.

------
alain94040
If I understand this properly, it means that if you want to use Google Buzz,
your Gmail address becomes public and you can't hide it.

Whereas on twitter, people can't find out your e-mail address. That's quite
important because the whole point of twitter is to offer this semi-public
presence without being bombarded by email spam.

~~~
dutchflyboy
No, if you use Picasa, people who have access to your history can find your
gmail address.

~~~
pasbesoin
Linked in the RWW article

[http://theharmonyguy.com/2010/02/12/using-google-buzz-can-
ex...](http://theharmonyguy.com/2010/02/12/using-google-buzz-can-expose-your-
gmail-address/)

    
    
        In my testing thus far, it matters little whether you’ve
        Picasa before – if you have a Gmail account, Picasa is also
        enabled on your account. And while individual Picasa albums
        have privacy controls, I have not found a way to block simply
        loading your Picasa home page.

------
piramida
The use of numeric URL in Picasa has been blocked by google now. In either
case, if you had your gmail address as an URL in Picasa you have been exposed
to email harvesters all along, that's why there is an option to create any
alias you like for Picasaweb.

------
pasbesoin
Over the years, I've experienced that Google's products/services are full of
such security and privacy lapses. They have at times taken some serious and
appreciated steps to promote security and privacy. But they do not appear to
have a coherent and comprehensive policy or strategy for addressing such
topics as a part of ongoing development and operations. Stuff goes into
production (I don't care whether you call it beta) that has not been
adequately vetted.

Rapid development and iteration have some nice benefits, but they are NOT
excuses for oversights in security and privacy.

~~~
est
Google Groups actually leaks your IP and user-agent for what, 5 years now.

