Latest InsideMicrosoft Posts: InsideGoogle: Gmail Security Breach Discovered .comment-link {margin-left:.6em;}
Saturday, October 30, 2004
Gmail Security Breach Discovered
A major security hole in Gmail has been found, reports the Israeli site Nana. A hacker, Nir Goldshlagger, told Nana NetLife Magazine that, "Everything could get publicly exposed – your received mails might be readable, as well as all of your sent mail, and furthermore – anyone could send and receive mail under your name". He also warned that even a novice hacker could exploit the hole. Google has admitted to the existence of the breach, which involves allowing a hacker to steal your Gmail cookie and use it to log in to your account. Gmail is noted to be more of a security threat than most email inboxes, since users tend to store more mail than on most services, thus increasing the likelihood hackers will find sensitive information, like credit card numbers. Aimless Words suggests not clicking on the "Don't ask for my password for 2 weeks" option, and notes that it is an XSS exploit. Slashdot talks about it here, as does the Register. Google Blogoscoped notes that all Gmail users who did click the auto-login button were forced to re-login this morning, so Google may have already dealt with it.

Comments: Post a Comment

Links to this post:

Create a Link

<< Home

Powered by Blogger

Who Reads InsideGoogle?

The Seattle Times

Evan Williams

Most Popular Posts
A Look At Google's Secret Instant Messaging Product: Hello

New Gmail Features Include An Atom Feed

An Interview With Google's Marissa Mayer at Digital Life

Google And Microsoft: Neighbors