Gmail Hole Found and Fixed

Filed in: Google, Life Log, Security — November 1st, 2004

SAN FRANCISCO – Google Inc. has fixed a security flaw in its Gmail Web-based e-mail service that allowed attackers to hijack users’ e-mail accounts.

“Google was recently alerted to a potential security vulnerability affecting the Gmail service. We have since fixed this vulnerability, and all current and future Gmail users are protected,” Google spokesman Nathan Tyler said.

The problem was in the way Gmail authenticated users. An attacker could steal a so-called cookie file identifying the user by making use of a seemingly innocent link to Google’s own Web site, according to a report on the Web site of the Israeli publication Nana NetLife Magazine on Thursday.

[ Read InfoWorld ]

Thought:
Google seems like busy fixing bugs since it released Google Desktop Search

BTW, here is official Gmail bugs list. Gmail may not as good as you thought.

Like this post? Please share:

Follow @liewcf on Twitter; Join Facebook page; Subscribe to free newsletter for updates like this article..

  • Pingback: Screenshots...

  • http://www.orica.com/ ahkiong

    Phew…that was really close. If my Gmail account was being hacked, i would be dead. I used Gmail as my company correspondent email. I still wondering which web based email have the best security. As i know Hotmail provide the best security but the problem is, it is far too slow from Gmail.

    I did tried to hack my Gmail account last time and it doesn’t work out. I did used my own log in cookie to give a try but it came out anonymous.

  • http://www.orica.com ahkiong

    Phew…that was really close. If my Gmail account was being hacked, i would be dead. I used Gmail as my company correspondent email. I still wondering which web based email have the best security. As i know Hotmail provide the best security but the problem is, it is far too slow from Gmail.

    I did tried to hack my Gmail account last time and it doesn’t work out. I did used my own log in cookie to give a try but it came out anonymous.

  • http://www.liewcf.com/ LcF

    Google has fixed all known holes in Gmail, anyway.
    As for the security and privacy problem, anything that goes online is NOT secure and NO privacy.

  • http://www.liewcf.com LcF

    Google has fixed all known holes in Gmail, anyway.
    As for the security and privacy problem, anything that goes online is NOT secure and NO privacy.

t