-------- Original Message -------- Subject: Gmail exploit Date: Fri, 29 Oct 2004 20:26:54 -0400 From: Adam Fields <politech0934859034@private> To: declan@private For Politech, if you like There's a Gmail exploit that allows an attacker to steal your Gmail cookie, which thereafter identifies them as you to the system, even if you change your password. This seems like a huge problem for Google, above and beyond the actual security breach. Remember that Gmail uses the same unlimited lifetime Google cookie. The data in that cookie is, presumably, extremely valuable for their tracking efforts, and I'd guess that this will be difficult for them to fix in a way that maintains that. I've blogged this: http://www.aquick.org/blog/index.php?p=135 -- - Adam ----- [ http://www.aquick.org/blog ] [ http://www.adamfields.com ][ http://del.icio.us/fields ] [ http://www.aquick.org/photoblog ][ http://www.aquick.org/gallery ] _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/)
This archive was generated by hypermail 2.1.3 : Tue Nov 02 2004 - 00:07:22 PST