Can a browser’s search function work too well? After playing around with Google’s brand new Chrome browser, we’ve discovered that its history search box will fetch all types of data - even text from HTTPS-protected financial sites like Washington Mutual and Capital One. With a few utterly simple keywords like balance, account and Sept., everything from balance information, account numbers and even how much you spent at Costco can be pulled up.More details over here.
To see all of this in action, just open up Chrome and log in to your favorite financial website. Like most important sites, it should be protected with HTTPS/SSL encryption and that should be evident in the address bar of the browser. Do the stuff you would normally do like look at your balances and gawk at your latest transactions and then open up a new tab in Chrome by clicking the “+” symbol. In the right-hand history search box, enter a few keywords and see what they get you. Surprised? I bet you are. No luck? Then try something simple like oh Visa, Mastercard, balance and account. Also try out the names and abbreviations of months like September, Sept and Sep.
Google Chrome a security nightmare?
Posted on Friday, September 05 2008 @ 2:51 CEST by Thomas De Maesschalck