|Google and LiveJournal
||[Jun. 4th, 2005|08:49 pm]
With all the kerfuffle surrounding Google's launch of their Web Accelerator and the veritable shitstorm that resulted from it, I was wondering what the community's position (and perhaps more importantly, LiveJournal/SixApart's position) on it is, given that there are tried and tested ways of blocking the Web Accelerator from accessing sites, as well as ways of preventing the Google Toolbar from changing page content using AutoLink.|
A number of web sites have implemented access restrictions lately to block the GWA from accessing pages, and the reasons given for these restrictions - notably the eight provided over at Wolf-howl's block page - raise a number of important concerns for LiveJournal users, especially the security concerns. Use of the GWA proxy with a LiveJournal login session makes all of that user's LiveJournal cookies, account information and access rights available to Google's servers, as the Accelerator may for example pre-fetch editinfo.bml or friends-only entries even if the user doesn't access them.
Those users of the GWA won't necessarily be aware that this essentially personal and confidential data is being accessed on their behalf, unless they read through the T&Cs or the support page, essentially making webmasters responsible for raising awareness of this and in some cases blocking the GWA entirely. I'm sure its pre-fetch habits ultimately lead to an increase in used (and wasted) bandwidth, and I'm sure few users would be happy to know that their friends-only entries may be being funneled through a virtual proxy provided by a company people are starting to distrust.
The solution I have encountered for blocking GWA from accessing pages relies on mod_rewrite, although there may be a more elegant solution for a site the size of LiveJournal. (A number of solutions also exist for blocking Google Toolbar's rewrite capabilities.) Thoughts?