Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Corrects Gmail Security Flaw

Posted by Zonk on from the seekrit-communications dept.

0110011001110101 writes "Google said Wednesday it has fixed a problem in its widely used email program that allowed hackers to break into peoples Gmail accounts to read messages and pose as legitimate email users. Security researchers in Spain exposed a flaw in the way Google authenticates its users, allowing the breach in the system that counts more than 5 million users. The process for exploiting Gmail was posted to a hacker web site." From the article: "Google spokesperson Sonya Boralv said only users who supplied information to the hackers were potentially vulnerable. 'We looked into this quickly and learned that it can only occur if a user knowingly provides their credentials,' Ms. Boralv said. 'Nevertheless, we have made some modifications to Gmail to help prevent these kinds of issues.'"

4 of 209 comments (clear)

  1. So hackers can't get in now... by Galius+Persnickety · · Score: 5, Funny

    So hackers can't get in now if I give them my credentials?

  2. Re:While they're there... by timster · · Score: 5, Informative

    If you make your bookmark https://mail.google.com/ it will present both the login and the rest of the site via HTTPS.

    --
    I have seen the future, and it is inconvenient.
  3. Re:Grammar Police by MSantiago · · Score: 5, Funny
    "While the hacker website that published the exploit is safe from Criminal Prosecution, they may still get a visit from the Grammar Police Then again, its a spanish language site, so I give them kudos for finding someone whose English isn't terrible to write it up for them."


    Hate to do this to you, but when someone starts criticizing someone else's grammar, they'd better use proper grammar, punctuation, spelling, and capitalization in their own posts.

    For starters, "Criminal Prosecution" isn't a proper noun and shouldn't be capitalized. Also, "its" is not being used in its possessive form. Rather, it's a contraction of "it is" and should contain an apostrophe. Lastly, "spanish" must be capitalized.
  4. Google fix by spurtle15 · · Score: 5, Funny

    FTFA

    "We looked into this quickly and learned that it can only occur if a user knowingly provides their credentials," Ms. Boralv said. "Nevertheless, we have made some modifications to Gmail to help prevent these kinds of issues."

    Fix:

    From: Google
    To: Gmail users
    Subject: Security Bug

    To all Gmail users:

    Please do not give out your user name and password.

    Thank you. That is all.