Welcome to WebmasterWorld Guest from 126.96.36.199
Forum Moderators: open
This seems to fit the intent of this article but I would hardly call it a high level security risk.
At this point in the process I did not actually have a gmail account and had provided little or no information about myself (G knew that I had another email address, the one I was invited on, and that my name was supposedly xyz).
Sounds very dramatic though (and the vagueness of this article allows the imagination to play with this).
Yes, it's true
A remote user may be able to determine information about another userbut as I saw it, the sum of that information was ... that another person on the planet had the desire to register a google email address of 'redwidget' :)
It is still a beta product.