It's being reported across the internet and the blogosphere that the popular GMail service has hit it's first security issue. I read the report . I enjoyed that report because it had a pretty good description of the vulnerability, how an account may become compromised, and what the fix is.
I've read a lot of comments that Google is the next Microsoft when it comes to security issues. It isn't as if either Google or Microsoft's products are particularly vulnerable, but that they are leaders in their respective industries and garner the most attention from hackers. It's actually pretty amazing that Gmail went this long without a serious security breach, and goes to show how much more difficult an online application is to compromise.
In the long run, the webcentric nature of applications like Gmail will help to keep them more secure than desktop applications (like Microsoft's Outlook for example). Since the applications are stored, operate, and communicate from centralized servers, it's far easier to patch than the hundreds of millions of personal computers which each have to download the patch. Personally, I trust a dozen Google engineers over millions of clueless end-users when faced with a security issue.
There's a lot of hoopla about this, but I can guarantee that not much will come of it.
Monday, October 1, 2007
Gmail compromised - is Google the next Microsoft?
Posted byThe Google Watchdogat8:41 PM
Subscribe to:Post Comments (Atom)
7comments:
I think whether a product contains bugs is perhaps less important than how a company responds to a bug report: are they evasive or non-responsive, or do they post a fix without fuss? I'd rather use Google's or Mozilla's products since at least I feel confident that their many bugs are being fixed soon after they're identified, whereas I don't quite trust Microsoft since they don't fix their product's problems quickly or reliably.
Google's team is really quick to fix problems like this.
I don't really worry about this security issue
My gmail was hijacked 3 days ago. The hacker is now emailing everyone on my contact list trying to borrow/scam money out of them. He's also replying to everyone pretending to be me. I filled out a form to gmail explaining my situation and apparently I won't hear back from them for another 5-10 days. This is unacceptable. But then again, it's a free webmail service so unfortunately I can't expect customer service.
Gmail boasts at the fact that it has a huge inbox and that you never need to delete any messages. Well I've been using gmail for 3 years now and i had about 2 gigs worth of emails in there. Now some hacker has access TO EVERYTHING IN THERE. I've certainly learned my lesson. GMAIL SUCKS!
I know this is kind of old, but my Google account was hacked into yesterday, so from what I'm reading it's going to be a long wait to get it back. My blog is vulnerable as is my website--all through Google. I'm going to move my stuff to a customer service based program. It's a joke that you can't disable the account as soon as the breach is reported. Instead they make you wait while someone has access to your online life.
As mad as G makes me, I do trust their ability to plug security links very quickly. So it doesn't worry me either.
G's products are very vulnerable. I would expect to see many more issues with it ahead.
I hope G dies!