Every Gmail user’s address may have been exposed in a recent bug

TECHi's Author Carl Durrek
Opposing Author Wired
TECHi's Take

A recently discovered flaw in Google’s wildly popular Gmail service may have exposed the email address of every single user. According to a report from Wired, security researcher Oren Hafif found and helped Google fix a serious bug that left Gmail users’ email addresses exposed to anyone with a bit of patience. While digging up addresses would have taken quite a bit of time, the report notes that the bug had existed for years before it was fixed, and it could easily have been used to obtain every Gmail user’s address. According to the report, the bug would not have exposed any passwords or other sensitive data.

Wired


Until recently, anyone may have been able to assemble a list of every Gmail account in the world. All it would have taken, according to one security researcher’s analysis, was some clever tweaking of a web page’s characters and a lot of patience. Oren Hafif says that he found and helped fix a bug in Google’s Gmail service that could have been used to extract millions of Gmail addresses, if not all of them, in a matter of days or weeks. The trick would not have exposed passwords or otherwise allowed easy access to those accounts, but could have left users vulnerable to spam, phishing or password-guessing attacks. The bug may have existed for years. The exploit involved a lesser-known account-sharing feature of Gmail that allows a user to “delegate” access to their account. In November of last year, Hafif found that he could tweak the URL of a webpage that appears when a user is declined that delegated access to another user’s account. When he changed one character in that URL, the page showed him that he’d been declined access to a different address. By automating the character changes with a piece of software called DirBuster, he was able to collect 37,000 Gmail addresses in about two hours.


NOTE: TECHi Two-Takes are the stories we have chosen from the web along with a little bit of our opinion in a paragraph. Please check the original story in the Source Button below.
