• 1. London, UK
  • 2. New York, NY
  • 3. Sydney, Australia
  • 4. Melbourne, Australia
  • 5. Moscow, Russia
  • 6. Singapore
  • 7. Paris, France
  • 8. Chicago, IL
  • 9. Hong Kong
  • 10. Houston, TX

Friday, September 28, 2007

 

Gmail flaw allows forwarding messages to attacker's mailbox

Posted by Bharat Suneja at 1:47 AM
As I sat watching a cool video put together by "Gmail fans" yesterday, reports of a flaw with Google's popular web-based email service were beginning to appear. The flaw allows an attacker to create a filter to forward a victim's messages to any email address specified by the attacker.

Scary stuff - Gmail is one of the email services I use.

More in "Gmail zero-day flaw allows attackers to steal messages" on InfoWorld.com.

Little over a week ago, Google Docs' new Presentations feature, a would-be competitor for Microsoft PowerPoint, reportedly revealed email addresses of users collaborating/viewing a presentation. Not a very serious flaw, imo, but it had privacy experts concerned.

This is not as much about pointing out Google's vulnerabilities, but more about realizing that web-based software, just like software that runs on your PCs or servers, can have vulnerabilities. Additionally, so can the infrastructure of web-based service providers.

I was recently notified by another web-based service provider that their databases were compromised, but they're making sure no major damage is done (or some such verbiage that I can't seem to recollect but didn't make much sense at all when I read it). I should monitor my credit reports, it added further. Thanks, that makes me feel very comfortable. Where do I send the bill from the credit monitoring service?

The Gmail collaborative video wasn't nearly as bad.

Labels: ,

0 Comments:

Post a Comment

Links to this post:

Create a Link

<< Home