All the latest UK technology news, reviews and analysis
|
|
|
13 Jan 2005
A Unix community group has reported a flaw in Google's free Gmail email service which it warns could compromise user information.
Two members of HBX Networks, going by the monikers 'Hairball' and 'MrYowler', were testing a Perl script that would send out a newsletter. When they tried to reply to the test email the page displayed HTML code which included the names and passwords of other users.
"We do realise that Gmail is an invitation-only service in a beta-test state of development," said 'Hairball' on the group's website.
"Nevertheless, many people rely on Gmail heavily, and many more people are forced to communicate with Gmail users because of this reliance.
"These people should expect their communications to be vulnerable to interception, at least until Gmail corrects the issue."
The problem appears to come from poorly defined code boundaries on Google's mail server.
The community group members do not propose a workaround beyond informing Google of the problem, but do include a request for a job with the company at the end of their report.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Sneak peek at the forthcoming glass-based machine
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Assistant Director - Infrastructure - London - required...
A well established homeware brand is looking for an experienced...
Join a team that is revolutionising the way media is...
Linux Server Support Analyst - Bristol/Bath £20,000 plus...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?