Whoami? Google Account Leakage?

So I’m up working late tonight (well, late for me – 10pm. I normally go to bed by 9 – I’m old) and I fired up Firefox to recheck the time of my flight tomorrow morning (Yay! DrupalCon DC).

I landed on the Firefox Google homepage, as I always do in a new browser window – http://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official is the address, I believe it is the default shipped with firefox.

But look at what I see in the upper right hand corner where my email address should be (click on the image for full sized one):

Google Homepage Issue

Google Homepage Issue

Very strange. I tried, just for investigation, clicking into “my account” or some of the other google services – I don’t seem to be actually logged in as someone else. Anything which would require login actually asks me to login and doesn’t prefill the box with stephenandmandy or anything. But it is really odd to see someone else’s email in that upper right corner.

Anyone else seeing this?

(For the non *nix folks in the audience, whoami is a shell command on most unix/linux systems that tells you what user account you are currently logged in as – or, as the man page so concisely puts it:

whoami — display effective user id

Try it on your local *nix box today.)

Did you like this? Share it:
2 Comments. Leave a comment or send a Trackback.
  1. #1 • Salvatore Incandela said on March 5 2009:
     

    Hi John, the same thing happened to me, hopefully will not happen for email!

  2. #2 • Seth Gottlieb said on March 30 2009:
     

    This seems like a simple caching issue. Since that page is requested so many times, it is probably heavily cached. I always thought it was strange that they would try to personalize that page and they probably cache all but that little block. But probably something got stuck in one of the many caching layers (perhaps even at the CDN level). I still think they should have a different, totally cached page for that “Firefox start” page. While this is probably not a huge security risk, it is certainly a serious privacy issue. Sorry stephenandmandy!