• PC’s
  • Hardware
  • Software
  • Internet
  • Gaming
  • Science
  • Handhelds
  • Security
  • More »
    • Cameras
    • Displays
    • Electronics
    • Household
    • Industry
    • Networking
    • Peripherals
    • Portable A/V
    • Robots
    • Storage
    • Telecoms
    • Transportation
    • Wearables
    • Wireless
  • Commentary
  • How To’s
  • News

Google password system may not be as secure as we think

by: Bradley Wint on April 20th, 2010 at 11:04 am

Share

An insider at Google has released information that the Chinese hackers responsible for breaching their systems in December 2009 may have gotten more information than Google thinks, and analysts believe more holes may be present in the system. One of the major systems breached includes their Gaia cluster servers, which handles all Google user account passwords, which allow access to vital services including GMail, Adsense and more.

They report that no passwords were modified or stolen, with the exception of the two Gmail accounts owned by Chinese activists. However, with such a big breach, analysts believe the system may have other holes which hackers could exploit. The problem originated when they tricked a Google employee into clicking a rogue link, allowing them access to the employee’s entire computer and then to the server center in Mountain View, California.

Software from the developers’ database was reported as stolen, giving the thieves the opportunity to take down Google’s system if they had the right amount of technical knowledge, server power and timing on their hands. Since then Google has placed newer and stronger levels of encryption to counter the problem, but with such information now in the hands of criminals, it still leaves Google’s network at risk since they are still using the Gaia (a.k.a. Single Sign-On) software. With the programs being run on a cluster of computers, it also adds to the ease of threat because all attention would be simply focused on that cloud of computers rather than trying to target multiple locations if the program was run from different location instead.

It seems the hackers had inside knowledge beforehand, and were able to easily tap into the password protection system, as well as the software database, transfer it to private storage servers (Rackspace servers) and then moved it from there to other unknown locations after.

With that in mind, how safe is Google now? Will more encryption solve the problem, or should they do a total analysis of the system to find other holes which may not be covered by the added security?

– –

Related Stories

  • Zune HD and older models hacked, XNA limitations bypassed
  • China strikes back at Google by blocking Honk Kong search site
  • Google officially shuts down google.cn domain
  • Google may cease Chinese operations on April 10th
  • Google releases official Buzz widget

Have something to say? Be the first!

Click here to cancel reply.

Post a Comment

Stay Connected

Recent Stories

  • Firefox 3.6.4 Beta released, brings Uninteruppted Browsing
  • Italian movie sharing site LinkStreaming blocked by police
  • Run Android on the iPhone
  • Flawed McAfee update causes Millions of XP PCs to restart uncontrollably, fixed issued
  • Hide browsing data from Google with GoogleSharing, a Firefox add-on
  • Many Facebook User Accounts and Pages being hacked
  • iPhone OS 4.0 beta 2 + SDK released
  • BlackBerry OS 6.0 Details + Leaked Screens
  • iPad Wi-Fi + 3G confirmed for April 30th release in the US
  • Google password system may not be as secure as we think

Featured Stories

iPhone 4G coming in June or July? Here’s why

April 17th, 2010

Google may cease Chinese operations on April 10th

March 20th, 2010

Microsoft releases IE9 Platform Preview

March 17th, 2010

Home | About Us | Submit News | Advertise | Privacy Policy | Contact

Hosting by VPS.NET. Content Delivery by MaxCDN. CMS by Wordpress.

Copyright © 2010 BlogTechnical. All rights reserved.