Thursday, June 4, 2009

Security still sucks in Orkut

Hey
Recently, i discovered a new flaw in Orkut. No matter how much do the guys at Google try to fix things, some flaws always remain. Some months back, Orkut had introduced a feature with which one could post a photograph, and none could save the photograph from the net to their pc's(when you right click, it doesn't give the option of 'save as' , as the page is a script, which also means that no source code tricks!).

To this, there's a very stupid trick.

Write something on the comment box(just a couple of words or so) and try dragging the photograph to the comment box. You'll see a url after the words you just typed. Thats the link you needed ! Copy that link and paste it in the address bar of a new window and wallah... there's the picture.

I wonder whether the google guys are giving this blog a good read(though they're hosting this blog too !).

No comments: