Google Acknowledges Orkut Bug

It gives me great pleasure that the effort I had put up in writing about the bug on Orkut has got results.

I received the mail from Google today appreciating about the post and would like to share this with you.

Hi Vaibhav,

My name is Tanushree Baruah and I work for the product and marketing
teams at Google. Recently, someone pointed out a blog post on a new
orkut bug here:

https://technofriends.wordpress.com/2007/09/04/this-is-a-serious-orkut-security-bug/

I am writing to confirm whether you are the author of this post. If
you are, then on behalf of the orkut product team, thank you so much
for bringing this bug to our notice.

As a token of our appreciation, we would like to send you some Google
goodies. Could you give me your shipping address so that I can make
arrangements to have these delivered to you? Also, it would be super
if you could let me know what your Tshirt size is.

Thank you. Stay Beautiful!
Tanushree


Tanushree Baruah
Spam/Product teams, orkut
Google Online Pvt Ltd
India

Its really heartening to know that people at Google are taking up the bug.

Also read:Uncovered: Serious Orkut Security BUG

Cheers to Technofriends,

Vaibhav

Advertisements

14 Responses

  1. Hi Vaibhav,
    Its indeed a good news. Hats off to you for noticing the bug and its nice of the Google team to have acknowledged it and thank you.

  2. Great job dude..
    i am sure.. now u will be on the list of google blogs we read!!

    All the best for future!

  3. Thanks Ram and NG.

    @Ram: Lets hope so buddy 🙂

    cheers,
    Vaibhav

  4. Congratulations, that is a rather nice compliment you have received as your efforts deserve the recognition, and kudos to Google for stepping up and supporting your good work.

    David Hurowitz
    http://www.searchtoppers.com
    dhurowitz@searchtoppers.com

  5. Gr8 work Dude..keep it up

  6. What is Google Online Pvt Ltd? There ain’t any such company. These incidents are handled by Google Security Team and not Spam/Product teams.

  7. India is full of Ankit Fadia’s and Aditya K. Sood’s.
    While I do not intend to ridicule Indian security
    researchers because some of them are truly good and
    have made good disclosures but people like Ankit Fadia
    and Aditya are a disgrace to India and the
    full-disclosure community.

    And a new such budding lame-ass is Vaibhav Pandey.
    Vaibhav Pandey has made a false claim of Google
    acknowledging a vulnerability:-

    https://technofriends.wordpress.com/2007/09/06/google-acknowledges-orkut-bug/

    Notice the signature of the so-called acknowledgement
    from Google:-

    [QUOTE]
    Tanushree Baruah
    Spam/Product teams, orkut
    Google Online Pvt Ltd
    India
    [/QUOTE]

    Where on earth is this company called “Google Online
    Pvt Ltd”? Isn’t the company called “Google Inc.”?

    And WTF is Spam/Product teams? This guy hasn’t even
    bothered to check the Google’s security page or he
    would have known that it is the Google security team
    that responds to security incidents.

  8. hi Smith,

    Google Online Pvt Ltd is a is a subsidary of Google Inc. I dont happen to be working for google and therefore i dont think i can answer your question as to whether Spam/Products team is the right team to handle this bug or not.
    Well, i believe the real proof will lie in the fact when the bug gets closed, which i believe will happen soon.
    Cheers,
    Vaibhav

  9. Dude.. Jay (http://seclists.org/fulldisclosure/2007/Sep/0109.html) has already written down an excellent comment for you. I would just appreciate if you could do a little googling before typing out your posts.

    Read More from Tanushree Barauah here
    http://en.blog.orkut.com/

    I believe the fact that this mail indeed came from Google will get proved once this bug get closed. which i believe will happen pretty soon..

    thanks buddy for reading the blog.

    Cheers,
    Vaibhav

  10. Great job dude!! Orkut is still evolving.. thanks to smart people like you!!! Keep up the great work..

  11. I have reported this bug on my blog in June 2007 and even informed orkut team but I dint get any response from them.

    http://webgeekblog.com/2007/06/30/interesting-security-bug-in-orkut/

  12. I am not sure of this Chandra.
    Anyways, good to know that this was known even before i discovered it 🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: