Oops! Google Calendar Flaw Exposes Any Gmail User's Real Name


Yikes! Google, the online monolith of all things, well, online, has made it incredibly easy for spammers to find out your real name. That means instead of seeing "Dear Sir" at the beginning of male organ enlargement solicitations, pill peddlers and every other unsavory seller can more easiy address you by name. Of course, if you're in the market for male miracle growth, then perhaps that's not such a bad thing.

In any event, a SecuriTeam blog outlines all the gritty details on how the exploit works, and to rub even more egg on Google's face, the blog chose to uncover the identity of admin at gmail dot com for its short tutorial. The bug works by entering a gmail address under the 'share this calendar' tab, adding them, and then saving. While the true identity isn't revealed at first, navigating back to the page is all it takes to see the person's real name. We haven't seen an exploit this stupidly simple since John Halderman discovered how to circumvent music CD copy protection just by holding down the shift key.

Oh, and feel to drop Drew a line. Not only did he give permission to post his Gmail info, but he did it with the full expectation that he'll find true love from a reader of these news posts.

Around the web