Hacking Google Calendar - anyone can do it
Chris Pirillo writes about a security issue in the latest Google Calendar feature, which lets you search for public events directly from Google Calendar. It is not a security breach, but it is a problem, because many users seem to leave their user names and passwords in their reminders.
Here’s how it works. Enter “username password“, “user password“, or anything similar into the public event search. The very first result currently gives out the user name and password for a Gmail account, and there are many more similar examples. Why does this happen? Because people go public with their Google Calendar, forgetting that they might have some sensitive info in there.
Results of search for “username password”. Actual user names and passwords are edited.
The problem stems from the fact that Google Calendar allows you to have a private or a public calendar, or to share it with specific users. People being lazy as they are probably want to share some info only with specific users, but they don’t bother entering their e-mails, and choose the “public” option instead.
Google’s hands are clean here: they have the options, and they display a warning before someone turns their calendar public. But, it seems that the warning doesn’t work for many, so Google should definitely consider adding an additional warning, or adding an option to share the calendar with all the people in your Gmail account, but not anyone else.
April 23rd, 2007 at 7:06 am
As you said the problem isn’t really with Google its with the users, isn’t it always!
Its much the same as when Joe Public started using p2p applications, most of the initial applications would prompt you during setup to select a folder for storing/sharing files from.
So many people selected C:\ rather than going through the hassle of setting up a new folder to store downloads/shared files. And then claimed the p2p applications created a security hole which allowed people to steal sensitive files from their computer.
Many users will counter with the fact that they “don’t want to learn, it should just do what I want it to” which is something web developers are always striving for, the best possible usability. But as with anything its a balance.
Protect the users by not allowing them to make documents/calenders/etc globally public and you will have people moaning that their Auntie Jane can’t view their latest cats pictures as she doesn’t have a google account.
Let them make things globally public and then we get the situation above.
My own personal opinion, screw ‘em
If they can’t be bothered learning the little it takes about an application to know that this kind of thing is a bad idea then perhaps they need a short sharp lesson on internet security and preventing identity fraud 
April 23rd, 2007 at 9:28 am
@Aaron: I agree that this is not Google’s fault, unlike some other bloggers who declared that this is a major oversight on Google’s part. Actually, this is nothing new: you can do very similar “hacks” with Google Search, and it requires an astoundingly low amount of knowledge to use them. However, when something is as obvious as this, perhaps Google should take some steps to additionally warn users about it.
April 23rd, 2007 at 12:59 pm
[…] Hacking Google Calendar - anyone can do it Here’s how it works. Enter “username password“, “user password“, or anything similar into the public event search. The very first result currently gives out the user name and password for a Gmail account, and there are many more similar examples. Why does this happen? Because people go public with their Google Calendar, forgetting that they might have some sensitive info in there. Google Security […]
April 23rd, 2007 at 2:04 pm
Hello,
We at the Calgoo office use Google Calendar in a business setting. As stated the privacy issues are not with Google but the users of Google Calendar not knowing how to use the product.
You state that “perhaps Google should take some steps to additionally warn users about it.” and anyone would be hard pressed not to agree with you on that point. It seems that even Google agrees and has taken steps to be more clear in regards to how use the settings in Google Calendar.
The biggest problem we as Google users may run into in time is that if things are made so safe, and so basic to save people from making these mistakes, we may limit the powerful nature of some of these products.
- Calgoo
www.calgoo.com
April 23rd, 2007 at 10:44 pm
[…] Un hacking de lo más tonto: como la gente no sabe lo que guarda en Google, y esto de autorizar contacto-a-contacto es pesado (más fácil hacerlo público para todo el mundo), si se busca username y password se obtienen los datos de varias cuentas. Je. […]
March 22nd, 2009 at 8:00 pm
hello
just thanks
March 22nd, 2009 at 8:11 pm
hello
just thanks
April 6th, 2009 at 8:10 am
It sounds like you’re creating problems yourself by trying to solve this issue instead of looking at why their is a problem in the first place
April 8th, 2009 at 11:31 pm
Not that I’m totally impressed, but this is more than I expected when I found a link on Delicious telling that the info is quite decent. Thanks.
April 15th, 2009 at 9:11 am
After reading through this article, I just feel that I really need more info. Can you suggest some more resources please?
June 27th, 2009 at 5:20 am
?????? ????!, ?????? ????? franticindustries.com!!
??? ? ???? ?????? ??????? ???????, ??? ??????? ?????, ??????? ?? ?????? ???????.
???? ?? ???? ??? ????????????? ?????? ????????????? ?????????? ????????
? ?????? ???????? ? ???. ????? ???-?? ?????? ??? ??? ???? ????? ????? ?? ?????? ?????? ??????? ??????
???????
June 28th, 2009 at 8:10 am
??? ?????? ????????? ??????? ?? ???????? ????? - franticindustries.com !! ?? ????? ? ?????????
June 28th, 2009 at 10:57 pm
???? ??????…, ?????? ????? franticindustries.com!!
????? ?????? ?????? ????? ?????? ? ???!! ???????.
June 28th, 2009 at 11:53 pm
?????? ????!, ?????? ????? franticindustries.com!!
????? ?????? ?????? ????? ?????? ? ???!! ???????.
June 29th, 2009 at 12:56 am
????? ?? ?????????? ?? ??? ????. ? ??? ? ???????? ? ?????????? ???? ????. ??? ? ??? ???????. ??? ???????
? ???? ???????.
June 29th, 2009 at 2:04 am
????? ?? ?????????? ?? ??? ????. ? ??? ? ???????? ? ?????????? ???? ????. ??? ? ??? ???????. ??? ???????
? ???? ???????.
June 29th, 2009 at 7:27 am
?? ???????? ????? ? ? ???? ????????. ?????? ????????? ???????, ??? ?? ??????????? ???? ???-?? ?????????? ?? ????? ?????. ? ??? ??????????, ??? ??? ?? ?????.
June 29th, 2009 at 8:24 am
?? ???????? ????? ? ? ???? ????????. ?????? ????????? ???????, ??? ?? ??????????? ???? ???-?? ?????????? ?? ????? ?????. ? ??? ??????????, ??? ??? ?? ?????.
June 29th, 2009 at 11:55 am
?????? ! ???? ??????? ? ??????… ??? ?????? ??????. ?? ????? ?? ?? ???? ??? ????????? ??????? ?
June 29th, 2009 at 7:39 pm
?????? ! ???? ??????? ? ??????… ??? ?????? ??????. ?? ????? ?? ?? ???? ??? ????????? ??????? ?
June 30th, 2009 at 3:35 am
??? ?????? ?? ?????? ) ?? ???? ?????????. ????? ????????? ? ???? ???? )
June 30th, 2009 at 4:06 am
??? ?????? ?? ?????? ) ?? ???? ?????????. ????? ????????? ? ???? ???? )
July 6th, 2009 at 1:01 pm
I located your blog on google and really appreciate your posts. I have added you to my Google News Reader. I really look forward to reading more posts from you. Thanks for caring enough to post on the subject.
July 14th, 2009 at 7:21 am
âûâîç ñòðîèòåëüíîãî ìóñîðà
…
òðàíñïîðòíûå óñëóãè…
November 28th, 2009 at 9:47 am
?????! ??? ????? ??????? ??????? ? ????? ?????, ?? ??????-?? ????????? ? ??? ????????. ???? ???????? ?? ????? ?????????? ? ????? ??????? ?????????
November 30th, 2009 at 1:52 am
I’ve had a swift look at your site, it looks vastly interesting. Possibly you’d like to send a synopsis through for us to report on you? Amuse authorize it as factual as possible and contain a brief bio of yourself and a element to your place at the end.
December 1st, 2009 at 8:13 am
This is an excellent review.
December 3rd, 2009 at 12:38 pm
Oh, I’ve done the research. I’ve updated the post to categorize a hyperlink to the Wisconsin Law Cavalcade article I wrote on the subject.
franticindustries.com - go to my favorites!!!
December 4th, 2009 at 8:49 am
?????? ??????, ?????????? ?? ???
franticindustries.com - ??????????? ??? ? ???????? )
December 5th, 2009 at 12:51 pm
I like that you separate fate from destiny. There is something to be said for trying to account for the idea that we can sometimes fail to fulfill our destiny.
December 7th, 2009 at 11:36 pm
Do you have any other posts relating to this?
December 8th, 2009 at 1:38 am
Any idea when this was posted?
December 8th, 2009 at 3:31 am
Thanks for the awesome post, it helped me out a lot.
December 8th, 2009 at 5:33 am
Thanks for the awesome post, it helped me out a lot.
December 8th, 2009 at 10:46 pm
We need more posts like this!
December 9th, 2009 at 12:47 am
Thanks for the info.
December 9th, 2009 at 2:39 am
Wanna see a magic trick?
December 9th, 2009 at 4:41 am
Crap, I think I did it wrong…
December 9th, 2009 at 6:35 am
Any idea when this was posted?
December 16th, 2009 at 6:04 pm
Thanks for the info.
December 17th, 2009 at 5:44 pm
Your posts are the best! Always helpful!
December 17th, 2009 at 7:42 pm
Thanks for the awesome post, it helped me out a lot.
December 17th, 2009 at 9:31 pm
Crap, I think I did it wrong…
December 17th, 2009 at 11:31 pm
Your posts are the best! Always helpful!
December 18th, 2009 at 1:18 am
Your posts are the best! Always helpful!
December 18th, 2009 at 3:14 am
Great site, thanks for the information.
December 18th, 2009 at 5:00 am
Any idea when this was posted?
December 19th, 2009 at 8:37 am
great view!!! i think the same
December 19th, 2009 at 9:22 am
Awesome post!
December 19th, 2009 at 11:20 am
Great post, I’d Digg this.
December 19th, 2009 at 1:54 pm
Great post, thanks!!
December 19th, 2009 at 7:37 pm
Thanks!
December 19th, 2009 at 9:35 pm
Great site, thanks for the information.
December 19th, 2009 at 11:23 pm
Great site, thanks for the information.
December 20th, 2009 at 1:23 am
I don’t understand this…
December 20th, 2009 at 3:11 am
Do you have any other posts relating to this?
December 20th, 2009 at 5:09 am
I don’t understand this…
December 20th, 2009 at 6:57 am
Thanks for the info!
December 20th, 2009 at 8:55 am
Thanks for the awesome post, it helped me out a lot.
December 20th, 2009 at 10:35 am
Thanks for the info.
December 23rd, 2009 at 6:53 pm
Great!!!
December 23rd, 2009 at 8:50 pm
Awesome post!
December 23rd, 2009 at 10:37 pm
Wow…
December 24th, 2009 at 12:31 am
Great!!!
December 24th, 2009 at 2:18 am
Great site, thanks for the information.
December 24th, 2009 at 4:13 am
Wanna see a magic trick?
December 24th, 2009 at 5:58 am
Thanks!
December 24th, 2009 at 7:54 am
Thanks for the awesome post, it helped me out a lot.
December 24th, 2009 at 9:41 am
Your posts are the best! Always helpful!
December 26th, 2009 at 10:35 am
I don’t understand this…
December 26th, 2009 at 12:50 pm
Thanks for the awesome post, it helped me out a lot.
December 27th, 2009 at 11:04 am
Crap, I think I did it wrong…
December 28th, 2009 at 5:48 pm
Thanks!
December 28th, 2009 at 7:47 pm
Great!!!
December 28th, 2009 at 9:38 pm
Any idea when this was posted?
December 28th, 2009 at 11:37 pm
Thanks for the awesome post, it helped me out a lot.
December 29th, 2009 at 1:29 am
Thanks for the awesome post, it helped me out a lot.
December 29th, 2009 at 3:29 am
Thanks for the info.
December 29th, 2009 at 5:21 am
Thanks for the info.
December 30th, 2009 at 4:21 am
Hi!!! franticindustries.com is one of the best informational websites of its kind. I take advantage of reading it every day. franticindustries.com rocks!
December 30th, 2009 at 6:25 pm
Thanks for the awesome post, it helped me out a lot.
December 30th, 2009 at 8:25 pm
Great!!!
December 30th, 2009 at 10:16 pm
Crap, I think I did it wrong…
December 31st, 2009 at 12:15 am
Why isn’t this working for me?!
December 31st, 2009 at 2:06 am
Thanks for the info.
December 31st, 2009 at 4:06 am
Your posts are the best! Always helpful!
December 31st, 2009 at 5:57 am
I don’t understand this…
December 31st, 2009 at 5:42 pm
Thanks!
December 31st, 2009 at 7:39 pm
Wow…
December 31st, 2009 at 9:26 pm
Any idea when this was posted?
December 31st, 2009 at 11:22 pm
Thanks!
January 1st, 2010 at 3:06 am
Thanks for the info!
January 1st, 2010 at 4:54 am
Thanks!
January 1st, 2010 at 6:50 am
I don’t understand this…
January 1st, 2010 at 8:36 am
Awesome post!
January 1st, 2010 at 10:31 am
Do you have any other posts relating to this?
January 1st, 2010 at 12:17 pm
Great site, thanks for the information.
January 1st, 2010 at 2:12 pm
Great post, thanks!!
January 1st, 2010 at 3:58 pm
Do you have any other posts relating to this?
January 11th, 2010 at 12:16 pm
Why isn’t this working for me?!
January 11th, 2010 at 2:03 pm
Thanks for the awesome post, it helped me out a lot.
January 15th, 2010 at 6:20 am
Ñîâðåìåííàÿ ÑÒÎ ýôôåêòèâíî è êà÷åñòâåííî âûïîëíÿåò ñâîè ôóíêöèè ïðè ïîìîùè ðàçëè÷íîãî âèäà îáîðóäîâàíèÿ…
àâòîðåìîíò…
January 15th, 2010 at 1:45 pm
thats really funny
January 16th, 2010 at 11:38 am
Great post, thanks!!
January 19th, 2010 at 7:05 am
Øèðîêèé ñïåêòð ñîâðåìåííîãî øàõòíîãî è ãîðíîîáîãàòèòåëüíîãî îáîðóäîâàíèÿ íàñ÷èòûâàåò áîëåå 100 íàèìåíîâàíèé…
âèáðàòîðû, ãðîõîòû, æåëåçîîòäåëèòåëè…
January 25th, 2010 at 11:05 am
àñôàëüòîóêëàä÷èêè, àâòîêðàíû, áóëüäîçåðû, ãðåéäåðû, êàòêè, ïîãðóç÷èêè, ýêñêàâàòîðû…
Ïîãðóç÷èêè èñïîëüçóþòñÿ äëÿ çàñûïêè, ðàñêîïêè, âûðàâíèâàíèè è äðóãèõ ðàáîò ñ ðàçëè÷íûìè ìàòåðèàëàìè…
January 29th, 2010 at 11:22 pm
????..?????????? ????. ??? ?????? ?? ???? ????? ??? ???? ?? ????. ??? ???, ?????? ???? ? ????? ??????? ? ????? ?????? ?? ?????????????? ? ??? ?????? ??? ???????? ???????. ?????, ??????? ???????? ?????????? ? ????…
February 1st, 2010 at 10:29 pm
????? +5 ?? ????. ?????????
February 7th, 2010 at 2:15 pm
Êàê çàðàáîòàòü â èíòåðíåòå…
èíñòðóêöèè ïî çàðàáîòêó â ñåòè…
February 9th, 2010 at 3:42 am
Ïÿòèçâåçäî÷íûå îòåëè Åãèïòà…
Åãèïåò - æåì÷óæèíà ìèðîâîé êóëüòóðû…
February 13th, 2010 at 3:47 pm
Âèäû âåíòèëÿöèîííîãî îáîðóäîâàíèÿ…
Ñèñòåìû âåíòèëÿöèè…
February 15th, 2010 at 6:40 am
Ãîðîä Ñèäå ðàñïîëîæåí íà ïîëóîñòðîâå â 75 êì îò Àíòàëüè…
Îòåëè ãîðîäà Ñèäå…
February 16th, 2010 at 5:02 am
Ãîà íàõîäèòñÿ íà çàïàäå Èíäèè…
Ìóçûêà, òàíöû, ïðèêëàäíîå è óñòíîå òâîð÷åñòâî ãëóáîêèìè êîðíÿìè óõîäÿò â äóøó Ãîà, à ðèòìû ïóëüñèðóþò â ñåðäöàõ åãî æèòåëåé…
February 17th, 2010 at 5:37 am
Êëàññèôèêàöèÿ è íàçíà÷åíèå êàáåëåé…
Ýëåêòðîêàáåëè…
February 18th, 2010 at 5:15 am
Îòåëè Àëàíèè…
Êóðîðòû Òóðöèè…
February 18th, 2010 at 5:47 pm
Great information! Thanks!
February 19th, 2010 at 5:11 pm
Ïèëîðàìû…
Áð¸âíîïèëüíûå äèñêîâûå ñòàíêè…
February 21st, 2010 at 10:02 am
Ïàðèæ - ñòîëèöà Ôðàíöèè…
Ïðîâåäèòå îòïóñê âî Ôðàíöèè…
February 22nd, 2010 at 11:15 am
Ïðàãà - Ãîðîä ñîòíè øïèëåé…
Ïðàãà - ñòîëèöà ×åõèè…
February 23rd, 2010 at 6:24 am
Êàíàðñêèå îñòðîâà…
Âàëåíñèÿ…
February 24th, 2010 at 8:18 am
Ãèäðàâëè÷åñêèå íàñîñû…
Íàñîñû è ãèäðàâëè÷åñêîå îáîðóäîâàíèå…
February 24th, 2010 at 9:04 am
???-?? ??? ?? ??????????
February 25th, 2010 at 9:48 am
ïíåâìîàâòîìàòèêà…
Ïðîìûøëåííîå èñïîëüçîâàíèå ïíåâìàòèêè íà÷àëîñü áîëåå ñòà ëåò íàçàä…
February 26th, 2010 at 6:03 am
Ìåêñèêà ? âîïëîùåíèå èäåàëüíîãî òóðèñòè÷åñêîãî íàïðàâëåíèÿ…
Ìåêñèêà ðàñïîëàãàåò ïî-íàñòîÿùåìó óíèêàëüíûìè âîçìîæíîñòÿìè äëÿ âñåõ âèäîâ òóðèçìà…
February 27th, 2010 at 8:26 am
Ìåäèöèíñêèå èçäåëèÿ…
Ìåäèöèíñêàÿ òåõíèêà…
February 28th, 2010 at 2:31 am
×åì òóðèñòîâ ïðèâëåêàåò Èñïàíèÿ…
5 äîâîäîâ çà îòäûõ â Èñïàíèè…
February 28th, 2010 at 9:33 pm
Hello. Great job. I did not expect this on a Wednesday. This is a great story. Thanks!
March 2nd, 2010 at 9:13 am
Îáùàÿ èíôîðìàöèÿ î Òóíèñå…
Äîñòîïðèìå÷àòåëüíîñòè Òóíèñà…
March 2nd, 2010 at 8:22 pm
Îáùàÿ èíôîðìàöèÿ î ×åðíîãîðèè…
Äîñòîïðèìå÷àòåëüíîñòè ×åðíîãîðèè…
March 3rd, 2010 at 9:49 pm
??, ??????? ???????
March 4th, 2010 at 6:17 am
Êëàññèôèêàöèÿ ñòàíêîâ è îáîðóäîâàíèÿ ïî ìåòàëëó…
Ìåòàëëîðåæóùèé ñòàíîê…
March 5th, 2010 at 8:22 am
Ïóòåøåñòâèå â Òàéëàíä…
Âåëèêîëåïíûé îòäûõ â Òàéëàíäå…
March 7th, 2010 at 8:31 am
Óëüòðàçâóêîâîé íåðàçðóøàþùèé êîíòðîëü…
Óëüòðàçâóêîâûå ïðèáîðû…
March 7th, 2010 at 9:02 am
If anyone has been following the apparent take down of Governor Patterson, then this latest coup for this detractors is disguesting. I don’t even live in New York, but of course I read the Times, the Post and the Daily News each and every day. Can his enemies, no, not even his enemies, just people who wanteed him out of the way to push their own agenda, could have acted any more indecent? If this is New York Politics, I am glad I live in the Federal City. What has occurred to Governor Patterson is outrageous. I hope for the People of New York, it was worth it to the victors off the spoils. Governor Paterson, you are well out of it. Let them fall on their faces. Get yourself together, take a break and watch their karma come back to haunt them. This was ridiculous. Hold your head up proudly as you make your exit. I’ll bet you Governor Patterson’s phone is ringing off the hook with the “I’m sorry, and is there anything I can do to help you” Ugh! POWER & PEOPLE! They make me sick! Why couldn’t he have run and then just legitmately lost the election. Afterall it is up to the New Yorkers am I right? If he were so terrible, why was he run out of office in this underhanded way.
March 9th, 2010 at 11:20 pm
?????????? ??? ????! ? ?????? ?????? ???? ???? ???????? ? ?????? ?????. ??? ????????? ???? ? ????? ??????????? ?????. ???? 2 ????? ???? ????????? ?????? ?? ?????? ??????-????? ???? ?????-???? ????????? ?????? ?????..? ??? ??? ?????? ??? ??????? ? ?????????. ??????? ????? ?????????? ??? ? ??? ?? ????.
? ????????? ??? ????????.
March 11th, 2010 at 4:45 pm
+1 ? ??????????? ??????????..
March 12th, 2010 at 4:29 am
Òàõåîìåòðû ýëåêòðîííûå…
Òåîäîëèòû ýëåêòðîííûå…
March 14th, 2010 at 5:56 am
Êîìïüþòåðû äëÿ ìîíòàæà â ïàíåëè óïðàâëåíèÿ…
Îäíîïëàòíûå ïðîìûøëåííûå êîìïüþòåðû…
March 14th, 2010 at 12:54 pm
???..????? ?????. ?????? ? ????????. ?????, ?????? ??????..?? ???????????? ????…?????? ?? ?????? ?? ??? ????????.
March 15th, 2010 at 4:37 am
Ëó÷øèå ïëÿæè Þæíî-Êèòàéñêîãî ìîðÿ…
Âüåòíàì - ñòðàíà ñ äðåâíåéøåé èñòîðèåé è êóëüòóðîé…