Comments on: Gmail cookie vulnerability exposes user's privacy

Program developed by "ethical hacking" group takes advantage of cross-site scripting vulnerability to steal contacts, forward e-mail.

[FutureGuy]

Google has bugs!!!

OMG, though that could never happen. Welcome to the real world.

[KTLA_knew]

Oh, Pu-leeze.

Google invented the internet, and is capable of doing no evil. (Says so in their mission statement.) Leaving user data at risk is only done through incopmetence at best, but usually because a company is evil. It's true, I've read it on the internet, RIGHT HERE at Cnet.

Software doesn't all have bugs, just evil software does. Google can do no evil, therefore, no bugs.

*OR*, we could all just admit that all software has bugs, but that is SO not fun, it would paint a bad picture of <insert software religion icon du jour here>.

[Fat Drunk and Stupid]

This is unique to Google?

Someone exploited a vulnerability in cross-site scripting to gain access to a Gmail account and it is Google's fault?

The same thing can't be done to gain access to any other web service?

What if I'm logged into my CNET account and I click on a malicious link that snarfs my CNET cookie? Is this possible or is this vulnerability exclusive to Google?

Less fear and more facts please.

[fred dunn]

Tell me it ain't so...Google can do no wrong...

Typical for a web app.
Memo to all CIOs out there that chose gmail:
HA-HA.

[solrosenberg]

Typical comment for an IT monkey...

Fearing for his job. You might have to find real work if companies figured out they don't need to pay you to dick around with the Exchange server all day.