Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Google Says Reports of Gmail Flaw Unfounded



 By: Brian Prince
2008-11-25
Article Rating:starstarstarstarstar / 2


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
Google says GeekCondition.com's claims about a Gmail vulnerability are incorrect. The issue is just an example of a successful phishing attack targeting Web domain owners, Google says.

Google officials have challenged the assertion that a Google Gmail security flaw was at the center of an issue described on the GeekCondition.com blog.

A posting on GeekCondition.com Nov. 23 warned of a flaw allowing attackers to force Gmail users to create a malicious message filter without their knowledge. As a result, the post said, attackers could hijack messages sent to a victim's Gmail account by redirecting messages into the trash and forwarding copies to the attacker.

Resource Library:

Google, however, explained that the source of the problem was not a flaw in Gmail, but a phishing scheme in which attackers sought to lure Web domain owners to rogue sites so their information could be stolen.

"Attackers sent customized e-mails encouraging Web domain owners to visit fraudulent Web sites such as 'google-hosts.com' that they set up purely to harvest user names and passwords," Chris Evans, an information security engineer, posted on Google's security blog.

"These fake sites had no affiliation with Google, and the ones we've seen are now offline," Evans wrote. "Once attackers gained the user credentials, they were free to modify the affected accounts as they desired. In this case, the attacker set up mail filters specifically designed to forward messages from Web domain providers."

Only a small number of users were affected by the scheme, a Google spokesperson said.





  Reader Comments: Google Says Reports of Gmail Flaw Unfounded
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Brian Prince
 


xv8(;^ӲM񢫭HY-ǚ-ē,-$)CR%o8x %N:w["BPU( 7~(Qu+GYO}g<ƣ'{mԃI#'Krdx5rRhe軫z]̱i^ kYOy+W18RMa'ACi5c{Z#/Sul"fx97)\ 3Ңmeb پЉe4r!%>yB'I>߱LN1 ;|UN8SpzcӦ_Lz6"h4"r;V7n=k|+ 0vnΏr{P=YͰ*{CF.G91rx&R{#Ϻ!X)sDFL$j؁E$ӤRbfx=:^u^C]ͱR,RE͌ԩi:g!U[ zcggu1 4 H؎m,ܪn?CW}5-:TlM2 6|5 uz+P %pQ騨HJ])J.j10CF_ȲtrisK߾ڤ>8ϑ}3fUE~ 3(2ؕΊg`jZuܝݽ\suϺw=r޽%g폝vY31+?fV'_Zկ=?߮C"XCcؚ`#j#AνCf{t&޺pr9%9Ax?#_]Cj&j uB_,8XߊOKƗG!HY=G M 9ɔQHzP7~ck41Tf!`j*3;nZ }0[#RDp&\ 5?&>MabEK7+R?H XRUE?(Ie"E[fŢ˒doJ"y cez"Q&%M c|8JKy=bf>UKg<8yZoV͉*]X]uUjZlBE?iI¥w9yn?ܶH{⧫vz߆)UF8 ,heݴKRŦcn+eYKt$KWL 0ѩm!m]ucάӻY0`hFv~VnO ݜMCնOCGs>H2AE66^l-$ ,70}HO¤pV83 U(v13 a }> FN9=H*6(Ztu0Iձ3c)|0 Σd`oMCF;c( U,/{H`\@Z2.Hpz) E ]q3߀7}dNVTR&L36tVd\IQ g2 %AW$@!-i]R@Az6< -8,rr2 (#b\JZ2'9\v{#;\~*΍gr)e| eY|~It eZ&vOZLbmD6],rS m -muk{TrT&G#S3a 3z{@ZgޓiK0wrJICb⮢;Ngflz[Εz:g %2% 5mb$T`CfLrJ<3-$֒e/p7r?XօVC@xC dlK/,:+c:K_jihHCum:\\1,# %ϘG!1~h/a2(&}j`aC+EYOG,-3IVV$ObsO@@@wh$Ϻ`:3]1P.m̆X7S}9xEz>Znt2>s_mTNcϣ )a!w1 +ua@ͤP䚜L>mR@k/ű`}7w)9pJk>uM^\/V°+\9e&@0o>`{>8Tj he82-0 7:¿Twҵr)ӃY L5̆T$P#Y%/9-0cYc6edtNV9 QZ^-LL{ \m pn o>U\!őMTUbEd;(l^;(cXh;pY9~& :FkdD [O3 A@m:EI$15  DP=m"}Ntxo#Au(\d W0!/աŢD\QT1"sKsK1SMnPE^avVKM:lbz6Ѕ3<ܸg~?CÜU\fx/$jXUcrxɡTd\js39f~aPt4trFg}u>9NwwTzY<$ ;øާ!7XY2f-10kE5/*G,9+ifb)&}4lX&XHI,"W5Xܛ 0 >A,CM~4 Xz`0dmZ93{$ho E0-?FlЀYϙ q2|\ߘ Q`9iv#щ_k(0-OCGLXYUC7{)jf#Qt `s]QYR9C񬰆\xb^>3>(/ѶM3$/J1N*,7؄Aԙ`ՆygffU-L澩S˙rn8z|.H\Kkhƽ "/^ܩs:.^ٸ CLjD/ hwy~eE)'y)hƃZbsuyLӳ) ׎5f)n•Й z7uO`uw:EL '5#"ّ{Q!4tba;:ü$//]>tf#,,Qhn1] f>q["b'ۃ:WRkυef暣ĺ~%JW HWTČebฦSwmN7ՙoYƣ"yT*3jDLfЦ(H 98$۳ WȰN%Xe0TvJ_ՠ03paSjr Eȭ(r/ܱ~ TCy[e{~&k﹖e:Tgw-JbZe)fQCgE&&: g:KBb;?557XOBހ2|rT),?<0Ȍ <|2q~NyMYVY,nAez `So?f/$NM.j:~*Va ~RuQev$ 0)5A)֊\{ C2cU3H^L&2O%WW\kϸagOَ{_7P0F_4HΝ JIQJjZN \}u ( JI.3h`I,|ˡkT-U~')ɠK=g rl n½ֹ%vhO dK!Oo%E8&! *7n0xbB+MpWGcc^?OJM(0Ih_pSi;da':uzrh68^axmҤiº콹/IQ[p޺\~:c.:̫غ~xl;c:LurGGZ}sqOu,8&t:&:˯oτU} Gya8DB"(X$wuHI+^ۛYpޡ ]a _9+usͿ>^voi:\$1~`&H^h]v_<d0szn݆7| `[&I:D=V5C4W{Љ vHY!PRr_g[,;>XIr!֒*47AϐahZ}m7ZgފG~eY toH2DP:w$ ,׀z\*q\>E:IetP `|d2 _RJpMQ=#iŘA/PENS):}Qr:h/ER}C<\<_exD+%'BY3GgIg{yHH'e ?]/g`wy!Vk nF jE-p1n&r֚SHZDc3iKlY/7;Fxb" )%Z)$0mQmMLeOvIJiIwӎ򕼒Ԣᬖ^}K ɏCDRԅ)OfS|T(гN]GGUbwf|mv ,MKN?`݁m;Jdcc:暄+,+[[{CȄS{ۋN?S~`~@+<#&m_%R ՛sD/ Z8V1(,aQ>zkQZLN?yole _ps(]29Y;2Hb,Il}v"k1PnA %`jSkEg?J5(;,Qd)A91Xd<˓tJ镡hd1RU L\pqtX^+pa(J+*}j A44x;gdX4Jotr"7ȍڍtԒ;Bm7}Ne6CEERP%r^QBK%b8q-gZRޅ )jG՚օ[ JNfg@V!*5\z klGhc7m lm OjHl(r3-)$C VX *:GdYP Vq,Ŏ g/qtV/\t${4̵u:/ #,c\+K"K[1@[ϛ /ę_!{sˊU|-b)˄=ƀ =K!W$I`" P !Q]Eq v"(myzg8[PIP3  lX34`U-tBVI5@H.7lNaW&WHSRPmҶZ~uvŻHЇ }պG$L39U"XaU9#`}[ RDF=oN|U`2+WK$ sę1u0S^rAB?%OP#a1TjMs=-(!=vAsWvare[^EU ,u/\㽱]BS B33 HD<;pJdgܝ jR}a #=GgD{Mp_@H.5 |ipnS6?r!wrwrwrwr}'wYNX_;=#n^18Bg!Za<{$. aĘ%x`sH" bI E 3= ecC:!WRϦP/os拦I3վN@7E \:ڽ3 Љ;RTʵ~5cCPՊ`i8K8X `sGA%V{u*z>a~uK+~)ދ4P '^ #KP=: G8/\*+@ v=5\ ޘrFHge!=`mٿrufg4w}cMb;?;?;?;?u\m0Xjx̅pp:ѥgI  F9LYAm`Ponrwϰ2Br$Pm#wM=\!` .7;dwMC\D}*܁ \x-3 a>1_[?T+y<9yOF3(`^ͰHvzs_;-pбG pc8. (>|=g$z;8^D$b(o9M;kߛ 6y12\|$ȍaV>?-Ms*>v/|[{67~NS7xH/ 1= ٌAH9Cr]8-&/f%PNտn>/bJ_hO XlD@pX G pHlVDKCHia#͂i=)+& ggkm}Y:$nb`9cgP-?)e'GEcD+x(A./~ن2A:jYgH#*=u:- ob'0e$4{mi`+d;6Tr?(۾ P|F0Q -c ([#~S]VQֿd=+xy0RdҼrL0gOgH\dH3@84kI/S$dV [IHcm4"*NhV>P2aFDKo0Ɖx<W׎n<wDxuajxT7U0⥴`W 'Žqt(*C ҹ/KfgZPhs| ьJCRugȬoq'Fx0^XPAg.x:E&)MoM).a[01 7~.F[~JܕM&![#W8?Ew)pvPa/(&4lV5No }9D#ঀ~U2npH ^Nz6=?tT]kf0c[qt^:Ukv0 !cM%8!IuYW P0CzO rซ= ʱ,a/9#rќǣЛΒJk33+A#=)hb?!,r/+Ds)q;?Ñ<,KVAXz- %bBETj9Ӆ37"vaW`8(Ănh<*ӆsxQiLʃxSZz@3lsϩєh,vxi[ȥkpL1 ]*ɫ%|ZiE]NQx}[-.,^+uvy)R**UϚB kHу%O:}7 LtxZډbLk?JkY}ma>>(.W%V]K5JrXڨ]TcV! D|]rL߷"|͑ISO3;$ vl"])MwTwogl{LI -gİLϱ{=/նWۏR==xeXY2V~4"-`S+nޖemuqҽ]FRt31'ڦz laЁHzA_/HJuT{ЯoDΡgg㭸=V Y"Lֿ߬$|͈Vs%2qSP0CS1/2Ƅ1R,6$Ae Ѓ5T?0:KW`?uB'&ꉭd@2<{VVlm[4>}^.OM SxC7JPV$Ǘ0 No>'PmLOFI:Ru75u2"bRzވp;# h, Z b-ljm{7R[ $y(=Zn><$T( }<`vWV\z~}C@ܙ6  caz}MuNG 3#i!:flxrB`./LaХ]āʧաu/`ِ M:1cPx-r9G}86wZ}uO:ƈ\g g6L-nIEFE#Th|GB#&/෽nrn%V aNJ0\,JD71*BD4ƬikLgFS>0(-ŌC\ФIt ٜeW`cY.'H_7 ^w2Vq*Lz%rEyW0`A#'(92g4T\KփzH|LB>'}?c'r޽%-r~nއm^eQa[+p RK#Iiy}s۹31F;m^+LideAί[Wmj ʩdisYX1K x52 /8nBϢ|ӿ@)^e;s\VCT8Ĩ~Kab01s:;mzJ6Z[Aii/N|z˒7%uehMVa`1d<5rUFLo SD^}'vn2W(57(-oחS[](f#ח P~sA /:Eg}y,e~ ?ӹ(;5eO/e+,c|WWYW\e +ϫ O_P~Q(GF_e^g5u\]g_f?]/ rq7M?Ӄ2߃2g__P>dG(Uѿ@r߻ 2ڿ\'2u S.ry/ 苬 OY射>(? }V<_`fk7tsfe{)ȬL:7ݳ亂[\rz!3+WW^{qմ mp{}h}0^ZE/JlR9C AܠKxEó#"htoĶ.p&}:`˫i@Lw<ߔ[nNJ>Z%.~QJXdB$h{쫠c3P-JDթka^Ⱦ7'%Y#]#=D>{s2xI0L@ۓ{o]&6p fzn_~T|uӚܴO]ŭhg?>/YdֺWWV5WlNAm!ˋ5y}³2;YIgF~yА4hMdaBcpXPH-MpN5p`FCn c=. MW 7\xoc {cn21Arl(TJR[TJÞwrDaӂC#CȊ(KT#}ˡ`tT.U&)K=g# .=m^t fPu'!pfJ-!c4~L@xE7x}_,mBfp,C ގe@&7 J,5{sЛِD@.^3Z|L:AÆo/XbKZ;c`\;=2gj 4O~f+g-cU=Qg6)<:,5-oƙ.f$WL 匫ESzq;:4_bYĞA M\`5j=3{f%c"$Q#Ebly޻ lާ&X5SG]xxaw.. ]C_L]<:=֐knL 0G1i!f9'0wjIc,zhkA3 c5m"qj紙 Ы~em o=6I45~ɉd (W mՍxlӍg#3Kve:Lm (ܜkK0W§>T#c0?f5V}q+6a*Tw-|~"d`˵L_k*3P$2&ǃ\=o&;4mFR6X+DBlvK`/M{D/|@K/פIo& oc~Ļ_ƣm&^#%:Bc M=ؙ߃9Sr^ d{PNd>X*8" "H"3{Fl%i W^s4Dщ be4 ,<-uQ k!-h)۹,7,Ý86Zd |O}KppBcivl'3(xK% ( Ehn a W n,}xub&zUh$_6=j"6xwΖbE6,Ŝz J @| S%JvuLխVoUPv<X!JAz|X,sx?>M:54mikA/?tIS軉fKVtޒ{־( =CV\w|76ߋB0wo=.h&">7m?'.}aV0NADEP޹iơ/;"weSJ)j#NFp)hN<}u?ۢ uKĞopm.;+C&:;OutםD3 dCViרǗQ]=_v{[>'R``U)YpeCn}#\:1V`]}ٱWRɤ{e y2 !δZxYU~ҥ^.I,g`ڣQd+8*)ؐsm50h1'(R9(DtMaN*)Asa#xl ;ApA7ejs?"Y4.;y|GGz=Up, j׺Wxoz|>]z0XjPtP9/_ a0+)=:-hs&ǂ!0ѕMDM1F(ͦ413\,@=փ W1#hxbnHhQ*ddzkI  ':PMÄr<50oq#yezTJȇg% VӐB,A-b*r*]fxx4[Nњ|Š biY0R tEA .qMcW74Rgql/c~b`i=B W^y)?0{9((K@>pE|k>H!?6@z vK&h R 1/r/pM =(0z{̾5͆T7[x_~B8?8=} ^+ؗ<ZLH+jVź}i4t} fzUR`x}{fYH }crFf dY)S?H4fwVhb566id++ KQ #wX)JUE?\"Q8V:KJh jv?JF#nڋO^ߣy XCV]E(gܱ,Ir}O:z/j[&F LwF 5Aå7Sf. Z3*,aDA) L>5-bZO + o&KN:ﯻm;^^苍sG~YDWwjzN8h '㫹A}/=f0j㱯o62-*g2U[qAkqti̪ἤb42 ]LNȚT-z2o ߁@Tzt >D yPqhH,驏8#LdQ.KhE#~Ow u+S=1A#z>jnB>VUy{6^7k:m&Y  \8~ 5B Љ1U3Y_Z`P_qtI,~,,}0 6/֍Bge[!$xqhm{\]n]׻wi9ڏq ?z#(SDŽ`FU*t\A)L 8-'KKO ɻOHʸJt -YYe?zA 0a79!>TSo{1ni֎$Ydl<QZXp1 /3#r/YuI:(|6ci`Ox_wݪ,}zU HF*>mbnJ݄xg)q*!fE.˼|JV8ˆ6-]ޟoR0腫a6|TI3:Y2=XCǙX,GVud7kIor"_]2IM0^^;>.D]qF.["YQwg~>E rg<_/Z#$Mg?h‘OIX4IIH RX)Z1`4)w烈^ԑWi).: _>M6&G)||k‚f*dSdo(3yGVG8xV=IܨjOJ`5ZTw[ (uo:#(FR~y\|(>^voSwUǓoτ<:7pޞ ('Ms>YoA5V7wfFB ] LPV*J5M7|@20En:QLRy f{y \~:KlSЇ6 E FZ^[)ڦ