Watch LIVE

Whoa': Can Your GMail Address Be 'Harvested' If You Are Logged Into Google?


Right now you are reading a story on The Blaze. I have no idea who you are and you probably like it that way. But what if had secret Managing Editor powers that allowed me to see your actual e-mail address whether you wanted me to or not?

You might consider that to be a "pretty big security hole." The folks at TechCrunch sure do:

The creator of (don’t visit that site just yet) emailed us this morning to explain.

If you’re already logged in to any Google account (Gmail, etc.), and visit that site, he’s harvested your Google email. And proves it by emailing you immediately.

Michael Arrington includes a screen grab of the e-mail:

Arrington has some theories on how this is being done.  Read it here. But the import is clear: "The ability to harvest emails from anyone already signed into Google, not to mention just see exactly who’s visiting the site, is extremely valuable."

Most recent
All Articles