Hacking Google ChatBack widget

Last night, I enabled Google ChatBack and one of the readers, Raxit did an interesting hack. He took the source code, copied the ChatBack script/code and published that in his site.

Result?

It seems anybody can copy other’s widgets and have a “Chat with Ashish Sinha” widget installed on the site (see this example).

So what? Isn’t that true for any script that one installs on site/blog?

Well, it depends. It depends on what script are you playing with? Why? Because any porn site can host “Talk with Michael Arrington” widget..infact anybody can run a bot and harvest other’s GTalk id. Worst, any bot can collect the code across sites and start spamming !

I may not be techie enough to understand what can potentially go wrong, but one thing is for sure – GTalk id is my Google Account id and I wouldn’t want to take any sorts of risk for a service which is just not worth the associated spam.

I’d still prefer MeeboMe!

Add comment

NextBigWhat brings you curated insights and wisdom on product and growth from the wild web.

Over 2 million people receive our weekly curated insights.

Newsletter

Newsletter