MyBlogLog Let’s You Own Someone’s Blog

Google Tutor successfully owned Matt Cutts blogs at the MyBlogLog.

It’s another exploit revealed by MyBlogLog’s users after Shoemoney ended his expose on MyBlogLog’s holes (a bug, an exploit, a hack,).

Matt Cutts simply replied:

Truthfully, this doesn’t bother me that much. MyBlogLog was clearly shooting to get big quickly, so it seems like they skimped on some of the authentication stuff in order to be lighter weight and get more sign-ups quickly. Technorati, Yahoo’s Site Explorer and the Google webmaster console make you do more work to sign up (by adding a few bits on your blog or site), but the result is that you can trust the authentication more. So it was a design choice on MyBlogLog’s part to go for easy sign-up traction and less authentication. And it worked, because Yahoo bought them.

And advice us:

I don’t begrudge MBL that. But I also wouldn’t use the same password on MBL as I would on my bank site.

This is a warning actually…

Save to del.icio.us • Stumble It! • Submit To Netscape • Digg This!

Recently Commented

Posted by SELaplana, 17 March 2007 at Internet, Yahoo (No. of Views: 2974)

Comments

2 Responses to “MyBlogLog Let’s You Own Someone’s Blog”

1
Jam Says:
March 17th, 2007 at 8:06 pm
And it’s alarming actually. They should fix this glitch the soonest possible.
2
SELaplana Says:
March 19th, 2007 at 10:52 am
i think, Eric and company is working this problem already. We just don’t know if they fixed it already since they’re not yet posting any announcement on their blog.