 |
 |  Lurch77Premium
join:2001-11-22
Oconto, WI
kudos:4 | Re: Being discussed here... That looks a lot like the link in the article.  | |
|
 DennisPremium,Mod
join:2001-01-26
Algonquin, IL
kudos:5 | HOLY CRAP were all gonna die! I think the seriousness of this is being blown a little out of proportion. | |
|
| | | Re: HOLY CRAP were all gonna die! Yeah and if this were Hotmail, people would be screaming about how Microsoft is the worst company in the world, and that their security is useless. I love double standards. | |
|
| | | | Re: HOLY CRAP were all gonna die! Ding. I do believe you win the washer-dryer combo. | |
|
| | bmn? ? ?Premium,ExMod 2003-06
join:2001-03-15
hiatus | said by Jeremy341:
Yeah and if this were Hotmail, people would be screaming about how Microsoft is the worst company in the world, and that their security is useless. I love double standards.
Sure they would... Perhaps the reason this hasn't been made a big deal is because the system is still in the BETA phase ? 
--
Got Carbs?
No, I'm not a libertarian... I'm a proud, registered Independent [thinker]. | |
|
| | | | | Re: HOLY CRAP were all gonna die! I'd argue that even if this weren't a beta, it's still not that big of a deal. It's something that should be fixed, of course, but still it's not that bad. | |
|
| | | | bmn? ? ?Premium,ExMod 2003-06
join:2001-03-15
hiatus | Re: HOLY CRAP were all gonna die! Its only bad in that people who shouldn't be able to get information are able to get it.
No, its not the end of the world, but its still a problem and needs to be taken care of at once.
--
Got Carbs?
No, I'm not a libertarian... I'm a proud, registered Independent [thinker]. | |
|
 japPremium
join:2003-08-10
038xx | Beta. It's still in Beta, no?? Not newsworthy if Gmail is still in beta. Finding things like this is what beta is for. | |
|
|  stateq2control the codePremium
join:2003-03-27
Jackson, MS | Re: Beta. It's still in Beta, no?? said by jap:
Not newsworthy if Gmail is still in beta. Finding things like this is what beta is for.
gmail sux.  | |
|
| |  sadowskiI Am My Own DoppelgangerPremium,MVM
join:2000-04-14
Buffalo, NY | Re: Beta. It's still in Beta, no?? said by stateq2:
gmail sux.
What's wrong with GMail? It's somewhat limited compared to say MSN's webmail (regular MSN product, I don't know about hotmail, etc.) but it's kind of a cool use of a web UI and dynamic HTML, I must admit.
--
Bush Credibility Twister | Air America Radio | The Brights | |
|
| | | stateq2control the codePremium
join:2003-03-27
Jackson, MS
1 edit | Re: Beta. It's still in Beta, no?? said by sadowski:
said by stateq2:
gmail sux.
What's wrong with GMail? It's somewhat limited compared to say MSN's webmail (regular MSN product, I don't know about hotmail, etc.) but it's kind of a cool use of a web UI and dynamic HTML, I must admit.
yeah...it's great, but I love going against the grain...considering the so many people have been blabbing about gmail (yes, I have an account)
--
GNU/Linux | why mp3? | flac2ogg | fsck RIAA | |
|
| | | | |
| | | | japPremium
join:2003-08-10
038xx | said by stateq2:
...but I love going against the grain...
Why you cheap shot rabble-rouser!
Just wanted to say thanks for having Magnatunes in your posting signature. I've been waiting for the eventual emergence of just such a trend. I'm gonna copycat you on it. | |
|
|
1 edit | Right on jap, besides its not their job to give us free e-mail accounts.
"You can't truly taste an uncooked meal." Just a thought.
--
"With every rise, there is a fall." | |
|
|  koitsuPremium,MVM
join:2002-07-16
Mountain View, CA
kudos:14 | Try explaining that to the 2149847494372023498 people who are already using and relying on Gmail, treating it like a non-beta commercial service.
Now, onto the issue of security.
It doesn't matter if technologies/solutions (buzzword overload!) are in alpha, beta, or production release: security holes are security holes.
I think it's safe to say that most of the people who're using Gmail at this point have already inserted legitimate information into their accounts, which makes this a nice big fat haven for privacy violation. It doesn't matter if it's beta.
Strike #2 for Google (for #1, look into the Orkut lawsuit). This is what they get for only hiring "geek jocks".
--
Making life hard for others since 1977. | |
|
| | | | Re: Beta. It's still in Beta, no?? its their fault for relying on it when its a beta.
--
| |
|
| |  pflogBueller? Bueller?Premium,MVM
join:2001-09-01
El Dorado Hills, CA
kudos:3 | said by koitsu:
I think it's safe to say that most of the people who're using Gmail at this point have already inserted legitimate information into their accounts, which makes this a nice big fat haven for privacy violation. It doesn't matter if it's beta.
If I'm understanding it correctly, existing users are not affected now. Unless of course someone was using the exploit at the time you signed up to get this info. But if they haven't already done so, and you're using your gmail account, they cannot get the info. It's only for new users.
I agree it should definitely be addressed, though, regardless of what level of release they are in.
--
"I drank what?" -Socrates | |
|
| | japPremium
join:2003-08-10
038xx | said by koitsu:with great wisdom & the calmness of true authority:
[..snip..] 2149847494372023498 people who are already using and relying on Gmail.
[..snip..] Now, onto the issue of security. It doesn't matter if technologies/solutions (buzzword overload!) are in alpha, beta, or production release: security holes are security holes.
[..snip..] which makes this a nice big fat haven for privacy violation.
[..snip..] This is what they get for only hiring "geek jocks".
I'm speechless. Your erudite summation of what .. err .. ails Google is so profoundly wholesome that there is simply nothing to add. In no way could your assessment be improved. Thank you for enlightening us. I appologize for my previous ignorance on the purpose of the beta phase and hereby hate Google & all technology providers who don't get everything perfect before telling us about their product.
Build a bunker, lock your doors, buy a gun: Google is coming! | |
|
| | |
| | | japPremium
join:2003-08-10
038xx | Re: Beta. It's still in Beta, no?? said by C_:
the population of the world is less then 7,000,000,000...
You cite merely the human population. Koitsu lives in Mountain View & is no doubt privy to the little known fact that for every 1 human Gmail account holder there are 166,943 insects that have been invited into the pre-release testing phase - So let's be Fair & Balanced for koitsu. | |
|
| | | | Idiot, RTFA
"A remote user with a valid GMail invitation can determine information about another user attempting to register an account with the service, including the target user's first and last name and the target user's desired GMail account username."
At most they can get the first and last name and desired username of someone attempting to register. And they need a valid invitation themselves. It's not that huge of a violation, and if they've "have already inserted legitimate information into their accounts" then they don't have to worry about this bug in beta gmail as it doesn't apply to already created accounts. | |
|
|
| FlizeshPremium
join:2003-08-16
United State | Re: Microsoft Expoits, GMail Exploit who's next Email is unsafe because there are exploits? Riiight.
So using windows or any other software is unsafe too. Doesn't mean anything. | |
|
| | |
| | | | | Re: Microsoft Expoits, GMail Exploit who's next said by antiphishing:
Who knows maybe Google is running a Windows platform on their mailservers.
I know, and they're not. And this problem could appear no matter what platform the systems were running on. It's the fault of the programmer, not the platform. | |
|
| | | |
| | |  Da22inBuck Fush
join:2002-06-10
Charlotte, NC | said by antiphishing:
Who knows maybe Google is running a Windows platform on their mailservers.
Well, that would better than running it on a Linux server. Linux servers are compromised more than you think, even more than Windows. 
--
Out the 100Base-T, past the firewall, through the router, down the cable bus, over the leased line,off the bridge...nothing but Net. | |
|
| | | | |
| | | | | | | Re: Microsoft Expoits, GMail Exploit who's next
Didn't know that , thanks for the information
What information? It's a blanket statement with absolutely no grounds...and its a load 'o crap.
At the very least, the word "more" in the OP needs to be defined. More virii? (No) More infected systems? (No) More purposely built auto-run features? (No).
So how is Linux more vulnerable?? | |
|
| | | | | | |
| | | | | | koitsuPremium,MVM
join:2002-07-16
Mountain View, CA
kudos:14 | Actually, I feel his statement about Linux machines being compromised more often than Windows machines is fairly accurate. It depends on what "section" of the 'net you hang out in -- if you're at all involved with IRC, then yes, Linux machines are quite often compromised. Windows is just under scrutiny for a problem that's been ongoing for years.
In regards to security (out-of-the-box), I stick Linux and Windows in generally the same basket.
--
Making life hard for others since 1977. | |
|
| | | Re: Microsoft Expoits, GMail Exploit who's next ? said by antiphishing:
This just gives more proof that email is becoming even more unsafe to use.
This problem isn't a flaw in e-mail, it's a small flaw in one provider's BETA account creation system. | |
|
| |  ObdHPremium
join:2003-06-11
Litchfield Park, AZ | Re: Microsoft Expoits, GMail Exploit who's next ? said by Jeremy341:
said by antiphishing:
This just gives more proof that email is becoming even more unsafe to use.
This problem isn't a flaw in e-mail, it's a small flaw in one provider's BETA account creation system.
Should be in ALPHA stage with a problem like this.... | |
|
| | | | | Re: Microsoft Expoits, GMail Exploit who's next ? Not at all. This is definitely a typical beta-level problem. | |
|
| | |
| | | | | Re: Microsoft Expoits, GMail Exploit who's next ? ooooo, thastw why its a beta
--
| |
|
| koitsuPremium,MVM
join:2002-07-16
Mountain View, CA
kudos:14 | You can blame the following for that:
1) The jackass who decided it'd be intelligent to start composing mail in HTML,
2) The jackass who decided it'd be intelligent to link two completely unrelated technologies (indirectly, SMTP and HTTP) with one another,
3) The jackass who refuses to believe that content is more important than IM-SO-PRETTY-DANCING-PANDA.
Crap like this is exactly why I say the "Internet" has really gone down the sh**hole. Yeah, I'm a bitter individual, but this has nothing to do with being bitter. It has to do with idiocy having run rampant for too many years...
--
Making life hard for others since 1977. | |
|
| |
1 edit | Re: Microsoft Expoits, GMail Exploit who's next ? and its a beta dumb ass, no one had to use it, they want to use it. If someones info gets taken its their fault, not googles or anyone else's
--
| |
|
| | | | said by koitsu:
1) The jackass who decided it'd be intelligent to start composing mail in HTML,
2) The jackass who decided it'd be intelligent to link two completely unrelated technologies (indirectly, SMTP and HTTP) with one another,
3) The jackass who refuses to believe that content is more important than IM-SO-PRETTY-DANCING-PANDA.
Ask 100 average PC users if they'd rather see a pretty HTML email or a secure ASCII email. Style wins over substance any day.
--
AMD Athlon XP 2700+ @ 2.17 Ghz
Asus A7V600-X
512 MB of Kingston PC3200
GeForce 5200 FX (256 MB)
Seagate 120 GB SATA
Windows XP Home | |
|
| | | | | Re: Microsoft Expoits, GMail Exploit who's next ? ever heard the phrase 'a picture is worth a thousand words'? | |
|
| |  Andrew JPremium
join:2001-11-09
Lancaster, PA | The only ones losing sleep over this are Spiderman and a few of his buddies. | |
|
| | |
 techjoePremium
join:2004-02-20
Warrenville, IL
kudos:1 | duh.. Holy cow! A beta with a bug! | |
|
|  KAD ImagingJust Shoot ItPremium
join:2002-09-21
Hialeah, FL | Re: duh.. said by techjoe:
Holy cow! A beta with a bug!
Okay, okay, take it easy children.  Both sides are taking this issue the wrong way. Yes, the service is BETA so what?? Who gives a sh!t? You release it to the public be prepared for WHATEVER consequences arise from that. Everyone forget that Google gave out 1000's of invites in the last month knowing that this will increase the number of users on their system. The key is that this isn't a *load* issue. It's a software flaw. I work closely with about a dozen+ programmers/developers and this type of thing never would have gotten past lab testing. Who the hell is QA'ing the software?? Who are their security auditors?? Alpha testers?? Those people that ask the tough questions like "Can authenticated users access the account of another registered users." If two identical auth requests are submitted what happens. Can the POST/GET scripts be compromised, etc..
A LOT of people use the exact same logins for everything meaning that if the account creation script can be seen, someone has access to everything that person is registered for and only has to start loging into banks, ebay, etc. to severely destroy someones life. An of course, some @$$ is gonna chime in "Well they should use different logins for everything. Yeah, like you have a different login for all your PC's, BBR, /., Fark, etc...
--
-CK
Q: "What does a cold air intake, headers, catback, highflow cat , & Port Polish give you??
A: "Ricer on a plate!" lol. Visit SportCompactMiami.com | |
|
| | | | Re: duh.. No one HAD to register, it was an offer that google made to those who were up to trying their BETA email. By using their BETA email service, you understand and agree to their terms that there is a risk of virtually anything going wrong. If you don't want to risk that, then don't use it, simple as that. Sure, they messed up, but that is what beta is for. Google made no promises of keeping anyone's data secure. | |
|
| | | | No, but they could use a different login for what is a beta service than everything else; that wouldn't be too much hassle. Personally I have 3 different logins I use depending on the level of security required.
Anyway, there is such a thing as an End User Agreement, wether we choose to read it or not. | |
|
| | | | > Yes, the service is BETA so what??
So the users who accept the free accounts should help Google by submitting feature requests, annoyances, and finding errors. Tell Google what sucks and what you like - as a beta tester, thats your job.
Provide real world feedback. And by all means, if you can do it better faster and for free...
| |
|
 aitechGuru. Kneel
join:2000-12-19
Boston, MA |  Jesus!
I noticed this when I got a GMail invite, if I tried to keep selecting usernames, sometimes when I would hit the [check availability] button another username would pop up in the box instead of what I typed.
Actually it was amusing for a few minutes... seeing what others were trying to get for usernames.
BIG DEAL - that's not USER info, it's a friggin username availability check, they need to tighten up the script. BETA.
Damn people... go mow your lawn or something... | |
|
| | | Re: Jesus! This problem has been fixed by google. | |
|
| | can some one please Can some one pelase help me get a gmail account..please... | |
|
| | Another Gmail Exploit Software designed to exploit the much lauded Gmail service has just been released this week. Aptly named "Gmail Hack" the software performs Dictionary and Brute Force Attacks against a GMail email account.
Full article:
»www.bonar.co.uk/bonarmedia/html/···e&sid=13
if link doesnt work try »www.bonar.co.uk | |
|
|
|
·
·
