Google's Security Gaffe: Do No Evil?

I'm so confused. I thought that Apple was the evil empire, and Google couldn't do evil. Now it looks like they might both be capable of nefarious acts, as it's alleged that Google's allowed its advertisers to store cookies on Safari user's systems -- even if you'd never visited the advertiser's page. The Wall Street Journal reports on the issue, which appears to affect both the desktop and iOS versions of Safari. By default, a cookie should only be stored on systems when you've visited a site that creates them -- and as long as the user has cookies enabled -- but according to the report, Google's cookie code enabled advertisers to bypass the default blocking on mobile devices, as well as enable tracking across most websites once active. The report notes that Google's since disabled that particular bit of code. Speaking to the BBC, Google senior vice president Rachel Whetstone dismissed the report, stating that last year

'…we created a temporary communication link between Safari browsers and Google's servers, so that we could ascertain whether Safari users were also signed into Google, and had opted for this type of personalisation. The Safari browser contained functionality that then enabled other Google advertising cookies to be set on the browser. We didn't anticipate that this would happen, and we have now started removing these advertising cookies from Safari browsers. It's important to stress that, just as on other browsers, these advertising cookies do not collect personal information.'

[Wall Street Journal and BBC]