GoogleVoice Voicemail Flaw?
This isnt good.
"Holy crap. It seems that Google is going to have some pretty serious explaining to do this morning, as one of our readers has sent us in a tip that reveals a major security flaw involving Google Voice. After entering “site:https://www.google.com/voice/fm/* ” into Google, our reader was shocked and discouraged to be greeted by 31 voice mail messages belonging to random Google Voice accounts. Clicking on each revealed not only the audio file and transcript of the call, but it also listed the callers name and phone number as it would if you were checking your own Google Voice voice mail. We’re not too sure if this flaw is something new or if it has been around since Google Voice started, and could just be test messages, but needless to say the matter has to be fixed if it’s legit. Some censored screenshots are after the jump.
Random users Google Voice mail is searchable by anyone? : Boy Genius Report
Google Voice Mail searchable by ANY random user?
It was initially being reported that there is a MAJOR security issue with Google Voice Mail. Readers at BGR are stating that a trip to https://www.google.com/voice/fm/* in Google revealed over 30 voice mail messages belonging to various Google Voice accounts. Each revealed link showed the voice mail transcript, audio file, and even the caller's name and phone number.
However, after a little digging it seems these voice-mails were publicly posted online and have been indexed by the Google service. Here is the official word from Google:
"Since the initial idea behind posting a voicemail, was precisely to share it with others, we did not restrict crawling of those messages that users post on the web, but we can certainly understand that users would want to make them public on their sites but not necessarily searchable directly outside of their own website. We made a change to prevent those to be crawled so only the site owner can decide to index them.”
Remember, if you don't want it known, don't put it on a computer!