Google Translate glitch opens security hole
- 01 December, 2011 02:31
Developers moving to the upcoming paid version of Google Translate need to follow the documentation so their implementation of the package doesn't lead them to paying for someone else's use of the platform.
In its current form, if it's running on the same server as the chat program it's translating for, Google Translate exposes to public view the customer identification code associated with a particular user.
Proxying the translator to another server hides the API that exposes the code and solves the problem, Google says in its documentation.
Developers at unified communications vendor IceWarp, which integrates Google Translate into its UC product, discovered the problem while working on its own implementation and put out a warning.
If the customer code is left exposed it can be copied and placed in another instance of Google Translate, meaning that the customer whose code was stolen will receive the bill for the customer who reuses it, says IceWarp.
At the moment the problem doesn't make any difference because Google doesn't charge for use of Google Translate, says Ladislav Goc, IceWarp's president.
But come January, Google says it will charge licensees based on how many characters it translates. Then, if the proxying option isn't used, customers run the risk of being hacked and billed for other licensees' use, Goc says.
Google points to its documentation that says developers can restrict their API keys to a white list. "As a best practice for security, we recommend that developers proxy the API requests through their own server to keep their key private," a spokesman for Google says.
Goc says IceWarp's implementation will be done on an accompanying server, not the Web server hosting the chat page. That means the raw code is blocked from public view, he says.
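The proxying approach Google recommends, sketched as an added example (not code from Google or IceWarp): the server discards any key the browser sends, attaches its own, and caps characters per client, since billing is per character and an unmetered proxy could still run up the bill. The upstream URL, the limits and all names are assumptions, and `client_id` stands for an authenticated chat session.

```python
from urllib.parse import urlencode

# Assumption: placeholder upstream endpoint, not taken from the article.
UPSTREAM = "https://translate.example.invalid/v2"
ALLOWED_PARAMS = ("q", "source", "target")  # the only fields a browser may set
MAX_CHARS_PER_REQUEST = 500                 # constructed limits
MAX_CHARS_PER_CLIENT = 2000


class Rejected(Exception):
    """Request refused by the proxy before anything is sent upstream."""


class TranslateProxy:
    def __init__(self, api_key):
        self._api_key = api_key  # lives only on the server, never in page source
        self._used = {}          # client id -> characters forwarded so far

    def build_upstream_url(self, client_id, params):
        """Validate a browser request and return the URL the server would fetch."""
        # Copy only permitted fields; a client-supplied 'key' is dropped here.
        clean = {k: params[k] for k in ALLOWED_PARAMS if k in params}
        text = clean.get("q", "")
        if not text or not clean.get("target"):
            raise Rejected("q and target are required")
        if len(text) > MAX_CHARS_PER_REQUEST:
            raise Rejected("text too long")
        used = self._used.get(client_id, 0) + len(text)
        if used > MAX_CHARS_PER_CLIENT:
            raise Rejected("character quota exceeded")
        self._used[client_id] = used
        clean["key"] = self._api_key  # attached server-side only
        return UPSTREAM + "?" + urlencode(clean)

    def chars_used(self, client_id):
        return self._used.get(client_id, 0)


if __name__ == "__main__":
    proxy = TranslateProxy("CONSTRUCTED-SERVER-KEY")  # constructed sample key
    request = {"q": "hello", "target": "cs", "key": "client-supplied"}
    print(proxy.build_upstream_url("session-1", request))
```
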