Abusing HTTP Status Codes To Expose Private Info 133
An anonymous reader writes "Here's a neat technique for testing if people are logged into other websites. Examples for Facebook, Twitter, GMail and Digg are provided." Like we needed more reasons to use the Chrome incognito function.
Re:The idea behind it... (Score:5, Interesting)
Re:Not quite (Score:4, Interesting)
It might not work as well as they think. I got this as I read down a bit:
Actually, I am browsing with Chrome, but have not opened GMail in this session at all, not once since the reboot. Maybe it is something Chrome is doing, since I get "No, you're not logged in" while using the incognito window.
If you are using your gmail account to download bookmarks, custom home page or whatever Chrome may be logging into gmail for, it may throw off the result.
However, in saying that, I noticed that it reported me logged into Facebook, which I am not, nor have I since my last reboot. I'm running Firefox 3.6.13.