Gmail is not an iron wall

Gmail, a widely used email service under Google, has recently exposed a vulnerability that allows anyone to obtain a large number of Gmail email account information in order to post spam or even steal passwords. It is reported that the vulnerability may have existed for several years. The vulnerability was discovered by Oren Hafif, an employee from an Israeli security company who has previously discovered multiple Gmail vulnerabilities. Hafif said that by exploiting the vulnerability discovered this time, a large number of Gmail email accounts can be obtained within a few days or weeks. Although this vulnerability cannot directly steal account passwords or log in to accounts, it may put users at risk of spam, phishing or password theft. The reason why the vulnerability can be exploited is that Gmail has a little-known account sharing function, which allows users to "delegate" other users to log in to their own accounts. Last November, Hafif discovered that when trying to log in to someone else's account through the "delegate" function, you only need to make a slight change to the web page address that pops up to obtain the email address of another user. With the help of software that automatically changes web addresses, Hafif once collected 37,000 Gmail email addresses in two hours. In this regard, Hafif said that he had good reason to believe that all Gmail accounts may have been collected. In addition, he emphasized that the vulnerability affects not only personal mailboxes, but also corporate users who use Gmail mailboxes, and even Google itself. Hafif said that Google did not use cookies or other forms of authentication to display vulnerable pages, so it only needed to use anonymous software to obtain a large amount of user account information without being noticed. Hafif said that since Gmail has had a "delegation" function since 2010, the vulnerability may have existed for several years. As for how much account information has been secretly collected, it is unknown. A Google spokesperson said in an interview that the vulnerability has been successfully fixed.

As a winner of Toutiao's Qingyun Plan and Baijiahao's Bai+ Plan, the 2019 Baidu Digital Author of the Year, the Baijiahao's Most Popular Author in the Technology Field, the 2019 Sogou Technology and Culture Author, and the 2021 Baijiahao Quarterly Influential Creator, he has won many awards, including the 2013 Sohu Best Industry Media Person, the 2015 China New Media Entrepreneurship Competition Beijing Third Place, the 2015 Guangmang Experience Award, the 2015 China New Media Entrepreneurship Competition Finals Third Place, and the 2018 Baidu Dynamic Annual Powerful Celebrity.

<<: China Mobile: TD-LTE voice call success rate has reached 98%

>>: Nanjing Mobile 4G users were cheated and cried: the phone lost connection after turning on

Apple launches iOS 10.2 Beta2. What are the new changes?

Live broadcast training camp: Create a million-dollar live broadcast room to teach you how to sell goods through live broadcast and seize the live broadcast boom

In order to help companies quickly cultivate live...

Chifeng SEO training: Regularly summarizing SEO-related data indicators is an important reference system for measuring the value of one's own work

Improve SEO: Actually, it means improving the pro...

Gmail is not an iron wall

Apple launches iOS 10.2 Beta2. What are the new changes?

my country's first 5G package has been announced, and there are a lot of 5G phones waiting for you to choose

Xiaohongshu product analysis report!

Can "rice" cure sprained ankles? Don't disbelieve it, it's true!

Samsung's Galaxy Note 7 battery explosion crisis gets worse

Detailed tutorial on Red V certification on Xiaohongshu

Will taking a bath or exercising after having sex make the condition worse? Many people ignore these 4 things

12306 user data has been leaked, change your password quickly!

A guide to operating an advertising budget of 10 million+!

Does eating sugar make people happy? Is eating sweets bad for the eyes? How true is this sweet rumor?

Recommend

The Essence of Gravitation

Tesla electric truck price announced: starting price is less than 1 million RMB

How much is a wild horse: How many factors affect SEO rankings? What are they?

How much does mutton cost per pound? What is the current market price of mutton?

Live broadcast training camp: Create a million-dollar live broadcast room to teach you how to sell goods through live broadcast and seize the live broadcast boom

3.15 Know More | Uncover the Truth Behind “Free WiFi”

"Health from eating" series | How to drink "life-extending" milk tea to be healthy? Learn from one picture

Families, those who like flat-faced puppies are in luck

What is the nose under the bow of a boat for? Without it, the boat can't go fast.

By mastering these points, you can also plan an event that will sweep your circle of friends!

Do you know how to wash and maintain these quilts?

Rumor has it that the iPhone 7 will be equipped with these features: 5-inch screen and dual cameras

How do you plan a successful event and ensure that expectations are met?

No need to install the app, WeChat applet printing experience: I found it really useful after using it

Chifeng SEO training: Regularly summarizing SEO-related data indicators is an important reference system for measuring the value of one's own work