GMail security problem fixed



Google’s not had a great week it would appear (Sony’s had worse… but that’s another story). The Analytics launch was somewhat rocky from most accounts and there is a GMail security bug that’s been announced and fixed. Details on the bug are here, and a writeup is also here.

Apparently a flaw in the authentication method that Google used could allow a user to log in under another account and read messages as well as pose as a legit user.


I’ve looked at the description of the hack, it’s fairly, ummm let’s say involved. It’s not clear to me that an attacker could do this without being at the same machine used to log in on. (say you’re in an internet cafe or library..), Still, Google patched it 4 days after being notified. Didn’t say anything publicly (which is why they released details and subsequently Google has explained that they did patch the vulnerability.)

Some say, there are probably many other sites that are vulnerable to this kind of attack.

Related Posts

Blog Traffic Exchange Related Posts
  • Massive Windows Update Tuesday Microsoft had a mammoth patch Tuesday this month with 28 bug fixes (23 critical). (Computerworld article linked above. This is one of the largest update releases in five years (!) Those fixes were wrapped up in 8 updates for Internet Exporer, Office, Sharepoint, Windows media player and visual studio and......
  • How to Remove Personal Security | Personal Security Removal Guide Personal Security is a rogue antivirus application that comes from the same (dreaded) family as the Cyber Security rogue. It usually installs on the users computer without the permission of the computer user. Once installed on the system it will then perform supposed scans finding lots of virus infected files......
  • BIOS based rootkits coming soon.... There have been a couple stories out of the "Blackhat federal" conference in the last couple days. Brian Krebs at the Security Fix gives a good overview. One of the more troubling notes is the possibility of creating a rootkit that can hide itself in a systems BIOS. Security Focus......
Blog Traffic Exchange Related Websites
  • Gmail for Free! Phaw still has 99 gmail accounts to give away for free! If you want your own cooool Gmail account, just post your email address in the comments section and I will invite you for a free Gmail account!! With all its cool and oh so helpful features, why is Gmail......
  • Google Webmaster Tools External Links Detail Error This morning I was trying to do some analysis with my Greasemonkey script for displaying nofollow information in Google Webmaster tools.  Unfortunately, it seems that the external links detail pages are dead.  I'm getting an error that says Our system is currently busy. Please try again in a few......
  • Google Says 60% of Local Searches Lead To Sales - Internet Marketing Redefined [/caption] How many of you have included some degree of "offline" in your Internet Marketing strategies? Did you know that 60% of Local Searches that take place on Google lead to sales? I mean.. How powerful is that man! :) This is not some regurgitated statistic, it's Google themselves......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site