Serious cross-site request forgery vulnerability found in Gmail

Started by Gary, Sep 28, 2007, 09:44:46

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Gary

Sep 28, 2007, 09:44:46
Basically don't have your Gmail window open at the same time as browsing another site really, its a nasty bug that could see all your present and future email harvested by an attacker! Here is the link to the info
http://arstechnica.com/news.ars/post/20070927-cross-site-request-forgery-vulnerability-found-in-gmail.html
Damned, if you do damned if you don't

Rik

#1
Sep 28, 2007, 09:48:27
Thanks for that - luckily I never use the GMail web interface.
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Gary

#2
Sep 28, 2007, 10:01:23 Last Edit: Sep 28, 2007, 10:04:37 by Killhippie
Quote from: Rik on Sep 28, 2007, 09:48:27
Thanks for that - luckily I never use the GMail web interface.
I do I must admit, so thought I should post it, as probably quiet a few people on here may do ;D
Damned, if you do damned if you don't

Gary

#3
Sep 28, 2007, 10:06:13
Web mail accounts with unlimited storage are great targets they are as valuable as bank accounts almost these days with the information contained within :(
Damned, if you do damned if you don't

Simon

#4
Sep 28, 2007, 20:20:38
In my opinion, Google is getting too big for it's boots.  OK, so Google Mail has been about for some time now, but the more they add to their ever increasing catalogue of gimmicks, the more they are going to be targeted by ne'er-do-wells, and therefore the less secure they will become.  I use Gmail, but with POP3, so I don't use the webmail interface, but I don't use the calendar or other facilities for fear of privacy compromises and / or data theft.
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Rik

#5
Sep 29, 2007, 09:26:23
I agree, Simon. It's not just Google of course, there are too many organisations inviting us to share/store information. Thanks, but no thanks.  :o
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Rik

#7
Sep 29, 2007, 11:49:56
Faster than a speeding Microsoft! :)
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Gary

#8
Sep 29, 2007, 12:11:35
Quote from: Rik on Sep 29, 2007, 11:49:56
Faster than a speeding Microsoft! :)
Did you say a speeding Microsoft :o
Damned, if you do damned if you don't

Rik

#9
Sep 29, 2007, 12:14:31
Indeed. I just didn't say what speed, but think more tortoise than cheetah. :)
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Gary

#10
Sep 29, 2007, 12:16:50
Quote from: Rik on Sep 29, 2007, 12:14:31
Indeed. I just didn't say what speed, but think more tortoise than cheetah. :)
You should work for them Rik ;) you have the spin on speeds well worked out,
Damned, if you do damned if you don't

Rik

#11
Sep 29, 2007, 12:23:08
That's because I am usually feeling dizzy. :)
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Gary

#12
Sep 29, 2007, 12:27:00
Quote from: Rik on Sep 29, 2007, 12:23:08
That's because I am usually feeling dizzy. :)
Its all that RFI Rik ;D
Damned, if you do damned if you don't

Rik

#13
Sep 29, 2007, 12:29:17
Refreshments Frequently Imbibed?  ;)
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.
Print
Go Up Pages1
User actions