Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Webmaster / Google News

Google News

Google About to Be Hacked, The Company Doesn't Care About It!

New security flaw discovered in the Google Gadgets

By Bogdan Popa, Security and Search Engines Editor

20th of August 2007, 09:10 GMT

Adjust text size:



Enlarge picture
Although the Mountain View company has recently hired one of the best known hackers coming from Poland, it seems that Google is not afraid of the successful exploitations of the vulnerabilities since it is not interested in some of the reports sent by the users. Security researcher Robert Hansen recently discovered a vulnerability
in the Google Gadgets that would allow an attacker to create a phishing website that would be able to bypass all the filters. But what's most interesting is not the main security flaw notification, but the Google response offered to the researcher.

"On further review, it turns out that this is not a bug, but instead the expected behavior of this domain. Javascript is a supported part of Google modules. Since these modules reside on the gmodules.com domain instead of the Google domain, cross-domain protection stops them from being used to steal Google-specific cookies, etc. If you do find a way of executing this code from the context of a google.com domain, though, please let us know," the Google team responded to the notification.

"If I misunderstood the report in any way, please don't hesitate to correct me. For the moment, though, I'm closing this issue. Thanks for sending this over."

Google didn't confirm the problems but it looks like the danger is imminent and nobody knows if he's protected or not. However, the Google response doesn't seem to sound like a new extremely dangerous flaw was discovered. In contradiction with the Mountain View company's representatives, the researcher sustains this is something serious and also that this is not the first time when the Google officials are ignoring his disclosures.

"For the record, this is not the first time I have responsibly disclosed issues to Google, and this is the third time they have said what I reported was either not a bug or too hard to fix. So much for using responsible disclosure with Google. Ugh.", he wrote.

TAGS:

 google | gadget | hacker


Rating:
Fair (2.7/5) 10 vote(s) so far    

Read by 1,848 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


German Police Blocked from Hacking Computers

To Hack or Not to Hack?

Google Promotes Nintendo Wii Hacks!

Google Maps Hack for Extra Zoom!

Hello Google, I Have A Problem!

Google Provides Useless Contact Methods

Damn, Google Is Really A Vulgar Company!

Google Office Hacks Soon Available!

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive