Gmail Security Exploit
 

Be careful what you are clicking on if you have a Gmail account.


"So you?ve got a Gmail mail account? Or maybe you?ve just received an invitation? Well, we have some bad news for you: Your mail box is exposed. A major security hole in Google's mail service, allows full access to user accounts, without the need of a password"... FULL STORY


Please limit your replies to either:

A) Ha! I told all you dumb fuckers before that Gmail was no good but nobody wanted to hear it.

or

B) This fucking sucks as I like Gmail but I am sure it will be fixed real soon.

:upsidedow

all your gmail are belong to us.


Hmm

Proxys

Pay per email program

haxed gmails



:mad:

Ha! My Gmail account is EMPTY! Go get it, hackers!

Sweet, but you need to give up your cookie first, click here!

Be care full on what links you click :)

youre all fucking stupid

just as stupid as the retards who use firefox instead of programs like myie2 which are clearly better and faster but arent "secure". you paranoid stupid idiots

can you even read the article? you need the persons cookie to do it. if you can get the persons cookie, youre gonna have to either hack into the computer, or just go grab it if its like your roomates computer. but why not just install a keylogger or something. this exploit is stupid, and it means nothing. carry on with your ignorant lives

Apparently you DIDN'T read the article

...It allows the hacker to "snatch" the victims cookie file (a file planted in the victim's computer used to identify him) using a seemingly innocent link (which directs to Gmail's site itself). Once stolen, this cookie file allows the hacker to identify himself as the victim, without the need of a password...."

Please change your sig to "Apparently not so experienced Windows Programmer on crack" :glugglug

It's a general exploit then for all systems that don't encrypt the passwords stored in a cookie

It's amazing how the simple exploits are always looked over by software companies...

hmm, that is old new my friend , the latest news is that google made a statement there was a slight problem but has been fixed already......

A) Ha! I told all you dumb fuckers before that Gmail was no good but nobody wanted to hear it.

good for me as well, haven't installed my 2 gmail invites :thumbsup

"reveals Nir Goldshlagger, an Israeli hacker"

Are those Israelis ever up to anything good?

This fucking sucks as I like Gmail but I am sure it will be fixed real soon.

read the thread then reply ;) not just the topic title and the first post , this is old news and the exploit was already fixed before this topic was posted :glugglug

This is about as worrysome as a cloudy day..

yep old hat

It's only old news if you have heard it before and most people don't read obscure Israeli sites.


Hmm Israeli... Fake Nick..... hmmmm I wonder

Anyhow the original Exploit was posted like 3 days ago. Several news services picked it up in the last day.

But you are correct that Google has patched it already :)

Found this from yesterday, sorry it is almost 24 hours old :winkwink:

"SAN FRANCISCO - Google (Profile, Products, Articles) Inc. has fixed a security flaw in its Gmail Web-based e-mail service that allowed attackers to hijack users' e-mail accounts...."

FULL STORY

WOW! You would think they were still in BETA or something!

Just looked at the stats in your sig.
33 signups - $ 2126.00
Does AAC pay 64.42 per signup?

And you call yourself a programmer :1orglaugh

Nope sorry. Your just plain wrong here. Getting a users gmail cookie is very very easy, Like i could have yours now if i wanted ;) It does require some user interaction. ( like opening this thread )

no, they do use encryption, but its usually some rotational format that is easily spotted.

Either way you dont need the password anyways , just the cookie