GMail Vulnerable To Contact List Hijacking
Anonymous Coward writes "By simply logging in to GMail and visiting a website, a malicious website can steal your contact list, and all their details. The problem occurs because Google stores the contact list data in a Javascript file. So far the attack only works on Firefox, and doesn't appear to work in Opera or Internet explorer 7. IE6 was un-tested as of now."
Firefox has become a bloated mess, the developers are incompetent and the open source model has been proven inefficient and insecure.
Get it here: http://www.microsoft.com/windows/ie/
there are only prim4 donnas, and
If this was a problem with hotmail or yahoo, by now, there would have been a zillion posts trashing MS or yahoo. Since it is gmail, every post is trashing the submitter for saying firefox only and ignoring the other browsers (although that is a problem too). How typical of slashdot sheep
To Stalus or anyone else on Slashdot. I have a couple of questions that I would deeply appreciate if they could be answered. Ok this latest hack on gmail. Is it only your contact list that they recieve. Is nothing else hacked into like your inbox, messeges sent, etc? If so, I will be lmaf. Many of my contacts are programmers, and they will not take this spam hack lying down. If anyone can track these bozos they will, and they know how to retaliate lol. Second, an earlier story had about 60 gmail account files completely deleted. Is this part of the same hack or problem? Or is it a seperate incident and as Google claimed a glitch that has been fixed? Perhaps when they corrected the "glitch" they created a "issue", like a vulnerability that caused this contact hack? Any enlightnment would be greatly appreciated. Thank you.