Flaw in Gmail Expose It to Hackers

The CEO and Security researcher of Errata Security, Robert Graham, revealed that Gmail is susceptible to hacking. Gmail accounts accessed through the wireless network are prone to hacking attacks due to a flaw in Google's Secure Sockets Layer (SSL) connections, as reported by pcpro.co.uk on February 1, 2008.

Graham further said that hackers can easily access Google account of a user by disabling the feature of safety measure. Thereafter, hackers can easily attack Google account of the victim by gaining access to his e-mail, calendar entries and map searches.

The vulnerability of the Google account is a result of an extensive use of session-IDs, which Websites uses every time a user enters his login details. Usually, the session-IDs appear in the form of text strings in the Website's URL (Uniform Resource Locator) randomly or they come in the form of Hyper Text Transfer Protocol (HTTP) cookie.

Graham, in his statement published by arstechnica.com on February 1, 2008, said that the JavaScript code of Google makes HTTP request through the XMLHttpRequest in background. The HTTP request is SSL-encrypted by default, but if SSL fails, the HTTP request is changed into non-encrypted mode.

Whenever users attempt to link to some WiFi hotspot, Gmail tries to link with SSL irrespective of its being unable or disable. Even if Gmail's attempt to connect with SSL fails, the cookies formed during session-ID gets transmitted to router. And hence, they can be captured by any persona by using a suitably configured software suite.

The hacker can further send a rearranged software suite to victim's PC to hack the computer easily. The process will further help in retrieving unencrypted session ID, which can further help in accessing Gmail and Hotmail accounts of a victim without requiring to decode the password.

Graham further explained that almost all companies provide their users with a secured login portal at the time of subscription, but a few hold on to their secured connection promises, and as a result, the users fall prey to malicious hacking.

In a statement published by theregister.co.uk on February 1, 2008, Graham said that Google mail is facing the hacking incidents as the portal is not following SSL correctly, but if SSL is followed appropriately, then the accounts are safe.

Related article: Flaw For PayPal Website, Opportunity For Fraudsters

» SPAMfighter News - 2/14/2008