Archive for February 21st, 2010

The Windows Live service experienced connectivity problems yesterday as a result of difficulties in one of its authentication servers.

Diario Ti: Microsoft writes on its blog that one of the authentication servers for Windows Live sign-in experienced difficulties, resulting in an overload that had to be absorbed by the remaining servers. As a result, many users had difficulty accessing Microsoft services for about an hour.

However, this does not seem to be the whole problem. According to Business Week, some users have accidentally accessed other users’ accounts. One of them told the paper that “suddenly the account of a user totally unfamiliar to me opened. I tried again with the same result. I tried it several times and each time a separate account opened.”

According to Microsoft, it is uncertain whether the two events are related.

“We are investigating reports that a limited number of Windows Live users have had access to accounts of other users when trying to access them by mobile readers,” said Microsoft in a statement reprinted by Cnet and Bloomberg, among other publications.

Microsoft emphasizes that it assigns critical importance to the privacy of its users, and has therefore initiated an investigation to clarify the issue.

Sources: Business Week and CNet Silicon Republic.


A well-known programming error left the newly launched Google Buzz service open to intruders interested in taking over the accounts of its users.

Diario Ti: Google Buzz has received strong criticism since its release. According to initial reports, a flaw in the mobile version would have made cross-site scripting attacks possible, at least in theory.

Microsoft, meanwhile, has assured that cares Buzz”, while the government of Canada is investigating the privacy policy of Google’s new service.

The latest negative news about Buzz comes from the computer security expert Robert Hansen, president of SecTheory, who says that Buzz could be easily hacked. Hansen himself was informed by a hacker named TrainReq, known in hacker circles for having broken into the email account of Miley Cyrus, from which photographs were stolen and subsequently made available without the artist's permission.

Hansen said that Google's programmers made a mistake and that the service could easily be compromised by intruders using so-called cross-site scripting, which allows malicious code supplied by an attacker to run in the context of someone else's site (in this case Google's).

Thus, an attacker could publish a text in the account of a Google user and use it later for phishing. Since the user's acquaintances believe that the message comes from that person, they may be induced to click on links that they would otherwise not open, said Hansen.

Google fixed the problem immediately, which Hansen himself verified. Indeed, the script in question is now displayed only as text, without being interpreted or executed by the browser.

According to Hansen, it was an embarrassing mistake for a company as big and respected as Google. The expert concluded by wondering how one can feel safe with all the information Google collects from its users when the company is not able to adequately secure its own services.

Wikipedia information about Cross Site Scripting
