Thursday, January 13, 2005
Major Gmail Security Bug Discovered
Listen up! We're testing out this great guy we found posting user reviews on our review section. His name is David Johnston and this is his first article. Give it a read and let us know what you think of young David. He writes reviews under his user name GOTAMD. Not bad for a college kid!

David Johnston writes: In an attempt to test a mass emailing script designed to send a newsletter to a group of subscribers, two hackers (in the old sense of the word) discovered a mistake in their Perl script where they had forgotten to close a bracket around the "reply to" email address. As a result, when they clicked in the reply box, they found that it was filled with HTML code. The code was actually from other Gmail users' emails. They believe that because the closing bracket was missing, Gmail kept on sending information from its cache to them until either a buffer limit was reached or the character appeared. In each of the ten test emails that they sent, they discovered 10 other people's emails which included things like usernames and passwords as well as a computer purchase receipt and, of course, about six spam messages. This flaw should bother anyone who relies on Gmail for sending private messages because until this flaw is fixed, they may not be as private as you think. The full story can be found here.
Thanks David!
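
A pre-send check that a mailing script could run to catch the kind of mistake described above, an unclosed bracket around the Reply-To address. This is an added example, not the script from the story; the function names, the header list, the address pattern and the sample values are assumptions made for illustration.

```python
import re

# Headers treated as address fields (a choice made for this example).
ADDRESS_HEADERS = ("From", "Reply-To", "To", "Cc")
# Conservative addr-spec pattern: a lint, not a full RFC 5322 parser.
ADDR_SPEC = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$")

def lint_address(value):
    """Return the problems found in one mailbox such as 'Name <a@b.example>'."""
    if "\r" in value or "\n" in value:
        return ["contains a line break"]
    opens, closes = value.count("<"), value.count(">")
    if opens != closes:
        return [f"unbalanced angle brackets: {opens} '<' and {closes} '>'"]
    if opens > 1:
        return ["more than one bracketed address"]
    if opens == 1:
        start, end = value.index("<"), value.index(">")
        if end < start or value[end + 1:].strip():
            return ["misplaced angle brackets"]
        addr = value[start + 1:end]
    else:
        addr = value.strip()
    if not ADDR_SPEC.match(addr):
        return [f"not a valid address: {addr!r}"]
    return []

def lint_headers(headers):
    """Check each address header; return {name: [problems]} for the bad ones."""
    report = {}
    for name in ADDRESS_HEADERS:
        problems = lint_address(headers[name]) if name in headers else []
        if problems:
            report[name] = problems
    return report

# Constructed sample: the Reply-To value is missing its closing bracket.
SAMPLE = {
    "From": "Newsletter <news@example.com>",
    "Reply-To": "Newsletter <reply@example.com",
    "To": "subscriber@example.org",
}

if __name__ == "__main__":
    print(lint_headers(SAMPLE))
```

A script that refuses to send when `lint_headers` returns a non-empty report never hands a malformed address header to the receiving mail service.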
Posted at 11:21 AM