Comments on: Gmail security breach http://www.aquick.org/blog/2004/10/29/gmail-security-breach/ entertaining hundreds of millions of eyeball atoms every day Sun, 12 Aug 2012 17:06:22 -0400 http://wordpress.org/?v=2.8.4 hourly 1 By: adam http://www.aquick.org/blog/2004/10/29/gmail-security-breach/comment-page-1/#comment-25 adam Tue, 02 Nov 2004 14:29:35 +0000 /?p=135#comment-25 I've been corrected - the gmail authentication cookie is not the lifetime persistent Google cookie. However, I think this is a fairly serious issue and a good warning about the fragility of the security of web systems. Even though this exploit has been addressed since the announcement, it's worth highlighting that any cookie that's stored on disk is probably fairly easily stolen. I would NOT be surprised to see this be the target of a worm in the near future. I’ve been corrected – the gmail authentication cookie is not the lifetime persistent Google cookie. However, I think this is a fairly serious issue and a good warning about the fragility of the security of web systems. Even though this exploit has been addressed since the announcement, it’s worth highlighting that any cookie that’s stored on disk is probably fairly easily stolen. I would NOT be surprised to see this be the target of a worm in the near future.

]]>
By: Guido http://www.aquick.org/blog/2004/10/29/gmail-security-breach/comment-page-1/#comment-23 Guido Tue, 02 Nov 2004 14:28:30 +0000 /?p=135#comment-23 Fortunately, the security flaw seems to have been fixed by now: http://www.theregister.co.uk/2004/11/01/gmail_bug_fixed/ Fortunately, the security flaw seems to have been fixed by now:
http://www.theregister.co.uk/2004/11/01/gmail_bug_fixed/

]]>
By: Glenn Fajardo http://www.aquick.org/blog/2004/10/29/gmail-security-breach/comment-page-1/#comment-22 Glenn Fajardo Tue, 02 Nov 2004 14:26:37 +0000 /?p=135#comment-22 I was concerned about this when I read about it. However it seems that Google has patched the problem: http://www.macworld.com/news/2004/11/01/gmail/index.php I was concerned about this when I read about it. However it seems that Google has patched the problem:

http://www.macworld.com/news/2004/11/01/gmail/index.php

]]>