dark_drgn 0 Report post Posted March 11, 2006 (edited) A teenage blogger claims to have discovered a flaw in Google's Gmail service that allows JavaScript to run, potentially allowing a malicious hacker to gather e-mail addresses or compromise an account. The supposed flaw may already have been fixed, however.Advertisement:The teenager identifies himself in his blog as a 14-year-old named Anthony. His entry about Gmail is here.He wrote that he was trying to e-mail JavaScript code from a Yahoo account to a G-mail account. The code will run in a preview pane, he wrote. But if the code is mailed from one Gmail account to another, it is filtered out, he said.Some visitors to the blog reported being able to replicate the findings, but others said later that they were not able to and that the supposed flaw had been fixed. Google representatives in London could not immediately comment, saying the report would be forwarded to their technical staff. a very interesting article, you can find the original piece hereIf a kid like that found out this error before a hacker did, think what would have happened if someone used it before they got a chance to even fix the thing. Google got lucky this time. Hope they don't have any more flaws, i rely a lot on my Gmail account. next best thing next to sliced bread! Edited March 11, 2006 by dark_drgn (see edit history) Share this post Link to post Share on other sites
xJedix 0 Report post Posted March 11, 2006 That is interesting.... I think it is the first flaw I have heard of google having, besides that one time when someone hacked google and changed everything to 1337 language. The awsome thing is you are able to choose the 1337 language in the language settings :(But yea, it is very good that a hacker did not exploit it, it could have been bad for google if someone exploited it. Share this post Link to post Share on other sites
dark_drgn 0 Report post Posted March 11, 2006 1337 Language? I thought that google did that on purpose or something I didn?t think that someone actually hacked into the system or something. Share this post Link to post Share on other sites
Kioku 0 Report post Posted March 11, 2006 I knew that anything as good as Gmail deffinitely had to have more flaws other than the security and prviacy problems that have to be considered occasionally. It's good this was found out before a malicious use could be put forth, at least as somebody previously stated. If a person did, they'd probably sell all of the emails to spammers for quite the giant wad of cash. Share this post Link to post Share on other sites
dark_drgn 0 Report post Posted March 12, 2006 As for the rumors you've heard about Gmail shutting down or something. It could very well be true, as you can see, you still have to be invited to use it. And it still says Gmail Beta on the login page. This is done so that if there is a major problem with it and if they want to shut it down, they won?t be blamed. Since it is still in ?Beta?, they won?t be held responsible for anything that happens. It would indeed be evil if it did happen. But I highly doubt that they would have the guts to pull something like that off. It would probably send their stock plunging if they did. Share this post Link to post Share on other sites
Salman Syed 0 Report post Posted April 12, 2006 All these things might be true but i have not heard ever that any gmail account had been hacked. a very interesting article, you can find the original piece hereIf a kid like that found out this error before a hacker did, think what would have happened if someone used it before they got a chance to even fix the thing. Google got lucky this time. Hope they don't have any more flaws, i rely a lot on my Gmail account. next best thing next to sliced bread! Share this post Link to post Share on other sites
apurva 0 Report post Posted May 27, 2006 Oh thats interesting facts..But i don't think google can ever think to shut their gmail..People are highly dependent on it and would loose their trust if they did so.. Share this post Link to post Share on other sites
kurtis 0 Report post Posted May 29, 2006 a very interesting article, you can find the original piece hereIf a kid like that found out this error before a hacker did, think what would have happened if someone used it before they got a chance to even fix the thing. Google got lucky this time. Hope they don't have any more flaws, i rely a lot on my Gmail account. next best thing next to sliced bread! I don't really get it. So some guy e-mailed javascript too himself, and it showed a directory of a bunch of e-mails and passwords? This makes absolutly no sense, please clarify this for my pea-sized brain to comprehend. Share this post Link to post Share on other sites
dundun2007 0 Report post Posted May 29, 2006 Man having a 14 year old kid that knows about java script figure out a flaw in a very popular email really makes me and maybe some of you sound really careless. I mean if i did something like that i probably wouldnt even think about it and i would end up forgeting about it and wouldnt make a big deal about it. Share this post Link to post Share on other sites
amhso 0 Report post Posted May 30, 2006 you take the word "hacker" in a different sense that a whole other community does. That kid could be a programming enthusiast like many of you, that likes to find problems (what the term "hacker" means). This kid could be like that, just as many kids today can program exploits at the age of 12 to 16. He was just there to find a problem with a search engine, instead of like a word processor. Share this post Link to post Share on other sites
Gondero Werkus 0 Report post Posted May 30, 2006 I remember seeing this article but I do believe it has been resolved since then but I could be mistaken afterall. It was a big deal but it isn't that hard of a hole to fix really if you know how it's done. Share this post Link to post Share on other sites
Magic1492 0 Report post Posted May 30, 2006 Wow, this kid knows what he's doing. If a 14 year old can find out how to run outside code in Gmail, think what a hacker could do. But I hope nothing happens to Gmail, I use it for everything. Share this post Link to post Share on other sites
WiZ 0 Report post Posted July 3, 2006 Very interesting and advanced 14 year oldThis is indeed a small bug, google has probably fixed it right away.Gmail rocks, I hope there wont be any more problems like this Share this post Link to post Share on other sites
Panzer 0 Report post Posted July 3, 2006 well everyone knows that nothing is bullet proof. The boy should have charged google a ransom or something (hehe) or adleast loaded a fun javascript.Though of all the faults i thought google wouldnt have missed that. I mean the google team has designed alot and i mean ALOT of applications probably using VB6, they would have used javascript in there, and continuely updating the google/gmail site...(Im 14 and i know javascript) Share this post Link to post Share on other sites
elevenmil 0 Report post Posted July 3, 2006 Well they should at least hire the kid for his good deeds :)Very interesting to find how smart 14 year olds can be these days now that kids are introduced to technology at such a young age anymore...I was that age when I first sat down on a Windows system...and that was only seven years ago...But again google should make a smart decision and hire him as a reward... Share this post Link to post Share on other sites