[cap-talk] Toolbars and unguessable URLs

[Mike Samuel]

Matt Cutts has a blog post here
You sometimes hear people say "I installed the Google Toolbar, and a day
later, Google crawled my secret/unlinked page. Clearly installing the Google
Toolbar caused that!" Then you'll often see me post and say "No, it didn't."

I can't find anything from a Yahoo spokesman on the same question.



2008/9/25 Mike Samuel <mikesamuel at gmail.com>

>
>
> 2008/9/25 Tyler Close <tyler.close at gmail.com>
>
>> On Wed, Sep 24, 2008 at 12:45 AM, Mike Samuel <mikesamuel at gmail.com>
>> wrote:
>> > If Yahoo is sending the complete referer then it is definitely sending
>> URI
>> > references.
>>
>> The HTTP Referer header is defined to contain a URI and specifically
>> says it MUST NOT contain a URI reference. AFAICT, this conformance
>> language is commonly implemented by browsers.
>>
>
> Quite right.
>
>
> Of course, I doubt any of the quoted text makes any attempt to use
>> terminology correctly, so it's impossible to know what these tools are
>> doing.
>>
>
> Without looking at what goes over the wire.
>
>
> > With the Google toolbar privacy policy, it's less clear.
>>
>> The Google policy makes it impossible to create any access-control
>> mechanism that is not vulnerable to the Google software. They
>> explicitly say they can grab any information they want.
>>
>
>
> > According to privacy policies
>> > http://www.google.com/support/toolbar/bin/static.py?page=privacy.html&
>> > Certain optional Toolbar features operate by sending Google the
>> addresses or
>> > other information about sites when you visit them.
>>
>> They can drive a truck through that last phrase.
>>
>> I think the only rational thing to do here is accept that users of
>> these toolbars are fully vulnerable to them. That and poke fun at them
>> for making their users so vulnerable.
>>
>> --Tyler
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.eros-os.org/pipermail/cap-talk/attachments/20080925/e9920139/attachment.html