More Than the CAPTCHA is Broken at Gmail
May 13th, 2008 by Justin Ryan
Two months ago, the big Gmail news was that spammers had broken Google's extra-heavy-duty CAPTCHA and had begun to run amok offering "private" enhancements and Nigerian fortunes. This month, it's the news that they wasted their time.
According to reports, the Information Security Research Team (INSERT) has demonstrated a relatively easy exploit of a "serious security flaw" in Gmail's message forwarding system that allows spammers to bypass Gmail's sending limits as well as most anti-spam filtering. According to INSERT, all you need is one Gmail account, and the ability to connect to ports 25 and 80; if you're savvy enough to do that, you're all set to start your own spam network, sponsored by Google. An additional benefit is Google's karma: because the service is highly regarded, most providers whitelist all Gmail traffic, meaning that spam sent via the exploit will pass right by ISP-level filters.
Google has not, to our knowledge, made any public statement on the exploit, but we expect they're fully aware and hard at work patching the holes.
__________________________
Justin Ryan is the News Editor for Linux Journal.
Look for him in the #linuxjournal IRC channel.
Special Magazine Offer -- Free Gift with Subscription
Receive a free digital copy of Linux Journal's System Administration Special Edition as well as instant online access to current and past issues. CLICK HERE for offer
Linux Journal: delivering readers the advice and inspiration they need to get the most out of their Linux systems since 1994.
Subscribe now!
The Latest
Newsletter
Tech Tip Videos
- Nov-04-09
- Oct-29-09
- Oct-26-09
Recently Popular
From the Magazine
December 2009, #188
If last month's Infrastrucuture issue was too "big" for you then try on this month's Embedded issue. Find out how to use Player for programming mobile robots, build a humidity controller for your root cellar, find out how to reduce the boot time of your embedded system, and if you're new to embedded systems find out the basics that go into one. You can also read about the Beagle Board, the Mesh Potato and a spate of other interestingly named items. And along with our regular columns don't miss our new monthly column: Economy Size Geek.
Delicious
Digg
StumbleUpon
Reddit
Facebook








Post new comment