In fact, I do that anyway for just about all the “medium security” sites when I browse except for just a handful of “low-security” forum sites that I just generally stay logged into at all times. “High-security” sites (related to on-line banking activities) always get a new browser window…login…perform the activity…logout…delete cache/forms…close browser..then reopen a fresh browser session for regular web surfing again. Do others to that as well?

I haven’t gone to those extremes but I have to admit that it’s a good idea. I may have to start doing things like that as well.

Since I have come to depend a great deal on the Google resources…and have been a bit paranoid about an exploit like that occurring…I have always been in the habit of fully logging out of any Google/Blogger/Gmail/etc. resource when I am done.

In fact, I do that anyway for just about all the “medium security” sites when I browse except for just a handful of “low-security” forum sites that I just generally stay logged into at all times. “High-security” sites (related to on-line banking activities) always get a new browser window…login…perform the activity…logout…delete cache/forms…close browser..then reopen a fresh browser session for regular web surfing again. Do others to that as well?

It’s not quite as convenient, but (I hope) more secure.

Then again, now that tabbed browsing is pretty common in FF and IE7, I guess I have to be that much more careful that opening any additional site-pages while I am signed in to my Google accounts.

I didn’t worry about clicking that link, as it’s my contacts that would have been spammed

I have heard that for this to be exploited, you have to have one of your Google resources (Gmail, Calendar, etc.) running while you are browsing the web. If you hit a website that is exploiting this with one of those other resources open, then the exploit will work and your contact information will be taken.

I guess I need to get into the habit of closing Gmail when I am browsing the web as I normally leave it open.