Welcome to WebmasterWorld Guest from

Forum Moderators: goodroi

Message Too Old, No Replies

Report: Google's Password System Hit By Hack In December

1:18 pm on Apr 20, 2010 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
votes: 644

Report: Google's Password System Hit By Hack In December [nytimes.com]
Ever since Google disclosed in January that Internet intruders had stolen information from its computers, the exact nature and extent of the theft has been a closely guarded company secret. But a person with direct knowledge of the investigation now says that the losses included one of Google’s crown jewels, a password system that controls access by millions of users worldwide to almost all of the company’s Web services, including e-mail and business applications.
The intruders do not appear to have stolen passwords of Gmail users, and the company quickly started making significant changes to the security of its networks after the intrusions. But the theft leaves open the possibility, however faint, that the intruders may find weaknesses that Google might not even be aware of, independent computer experts said.

2:03 pm on Apr 20, 2010 (gmt 0)

Senior Member

joined:Jan 30, 2006
votes: 15

1+ for the cloud?

These are the things people need to be thinking of before they put all of there data into someone elses hands
3:13 pm on Apr 20, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 1, 2006
votes: 0

As I suspected.. All these adWords accounts getting hacked..inspite of all evidence to the contrary, always thought something was wrong at Google. ( however kept quite, thinking I would be laughed out.. but in hindsight..)
3:31 pm on Apr 20, 2010 (gmt 0)

Preferred Member

10+ Year Member

joined:Aug 11, 2004
votes: 0

The issue here is the economic importance of something as the Google Account.

I personally suspected from day 1 that this was the target: partly because they reveled that some dissident's gmail accounts were hacked.

Well, in G's world, if you can access Gmail, you can access everything else too (because of SSO/Gaia)

SSO is OK, everyone else does it (M$, Yahoo, FB...) the problem is that a lot of G's services are actually economically important (adword, adsense, webmaster tools, analytics, docs)

this is the hardest thing for the cloud: protect the login.

However, I think G can pull it off, they have enough talent at hand for this.

Some suggestions: the login protection should be behaviorally based: take into account source, tool used for login, action once in the account, etc...
6:08 pm on Apr 20, 2010 (gmt 0)

Junior Member

10+ Year Member

joined:May 27, 2006
votes: 0

I was just watching a piece on CNN about rolling out quantum broadband internet.

Here's a short piece about it.
6:14 pm on Apr 20, 2010 (gmt 0)

Junior Member

10+ Year Member

joined:Nov 14, 2006
votes: 0

It's always been about money, many hackers claim it's just for fun, but for the majority that's just a plain lie, especially if G$$gle is involved.
6:29 pm on Apr 20, 2010 (gmt 0)

Senior Member

WebmasterWorld Senior Member sgt_kickaxe is a WebmasterWorld Top Contributor of All Time 5+ Year Member

joined:Apr 14, 2010
votes: 0

However faint? Believe me, if there is a weakness it will be found. Things are always in the last place you think to look because you stop looking afterwards. Hackers are no different and won't stop either so this plug merely makes them move along until they find the next flaw.

The real weakness, or maybe the biggest bullseye, is connecting ALL things G together with one password to begin with. It makes you want to limit how many Google services you use, email and adsense account for example... do they really need the same password ?

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members