GMail security problem fixed



Google’s not had a great week it would appear (Sony’s had worse… but that’s another story). The Analytics launch was somewhat rocky from most accounts and there is a GMail security bug that’s been announced and fixed. Details on the bug are here, and a writeup is also here.

Apparently a flaw in the authentication method that Google used could allow a user to log in under another account and read messages as well as pose as a legit user.


I’ve looked at the description of the hack, it’s fairly, ummm let’s say involved. It’s not clear to me that an attacker could do this without being at the same machine used to log in on. (say you’re in an internet cafe or library..), Still, Google patched it 4 days after being notified. Didn’t say anything publicly (which is why they released details and subsequently Google has explained that they did patch the vulnerability.)

Some say, there are probably many other sites that are vulnerable to this kind of attack.

Related Posts

Blog Traffic Exchange Related Posts
  • Google Voice Review | I got the golden ticket.... Last Thursday I opened up my GMail and found to my surprise that I had an invite to Google Voice. I didn't have time to deal with it at that time, so I saved it as new until Thursday evening and spent some time then playing with it. I had......
  • How to Remove Personal Security | Personal Security Removal Guide Personal Security is a rogue antivirus application that comes from the same (dreaded) family as the Cyber Security rogue. It usually installs on the users computer without the permission of the computer user. Once installed on the system it will then perform supposed scans finding lots of virus infected files......
  • NO, Google has NOT cancelled click-to-call It was an odd message that started this on the official google blog. I saw it and thought this doesn't make sense - it doesn't sound like an official statement and it claims it was translated from another language???? Posted by "Maximal" here is the original Google Blog post... After......
Blog Traffic Exchange Related Websites
  • Google Says 60% of Local Searches Lead To Sales - Internet Marketing Redefined [/caption] How many of you have included some degree of "offline" in your Internet Marketing strategies? Did you know that 60% of Local Searches that take place on Google lead to sales? I mean.. How powerful is that man! :) This is not some regurgitated statistic, it's Google themselves......
  • webOS 1.4.5 Now Available For Sprint Palm Pre and Palm Pixi Users Last week, Palm finally released the webOS 1.4.5 update for the Sprint Palm Pre and Palm Pixi. While the latest OS upgrade is available in Europe since last month, there's still no news as to when Palm plans to release the webOS 1.4.5 update for Verizon and AT&T customers. If you......
  • New Domain to Google Page Rank 5 in One Month Google said Merry Christmas and Happy New Year to Blog Traffic Exchange with the final toolbar pagerank update of 2008 according to Matt Cutts. This was the first page rank update since launching the domain in late November with this blog. So in one month how much page rank can......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site