Google apps not so secure

Google's online applications'including Gmail and Google
Maps'are vulnerable to attack, according to a pair of
security researchers.


According to an Information Week report, Adrian Pastor,
a security researcher with GNUCitizen.org, posted proof-of-concept code that can inject a
third-party page'a fake login page in Pastor's
example'while the user's browser address bar still displays
the Google domain. This could dupe the user into entering login
details.


Security researcher Aviv Raff added that Google is vulnerable to "a
cross-domain Web-application sharing security design flaw." The
vulnerability Raff discovered reportedly affects other applications
beyond Gmail. According to Raff, applications in Google's
subdomains -- maps.google.com, images.google.com, news.google.com,
mail.google.com, and google.com -- are affected. This means, for
example, that Google Maps can be used to hijack Google, Google
Mail, or Google Apps accounts.


To read the complete Information Week report, click here.



Featured

  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected