Loading
More Than the CAPTCHA is Broken at Gmail
Two months ago, the big Gmail news was that spammers had broken Google's extra-heavy-duty CAPTCHA and had begun to run amok offering "private" enhancements and Nigerian fortunes. This month, it's the news that they wasted their time.
According to reports, the Information Security Research Team (INSERT) has demonstrated a relatively easy exploit of a "serious security flaw" in Gmail's message forwarding system that allows spammers to bypass Gmail's sending limits as well as most anti-spam filtering. According to INSERT, all you need is one Gmail account, and the ability to connect to ports 25 and 80; if you're savvy enough to do that, you're all set to start your own spam network, sponsored by Google. An additional benefit is Google's karma: because the service is highly regarded, most providers whitelist all Gmail traffic, meaning that spam sent via the exploit will pass right by ISP-level filters.
Google has not, to our knowledge, made any public statement on the exploit, but we expect they're fully aware and hard at work patching the holes.
______________________
Justin Ryan is a Contributing Editor for Linux Journal.
- Fun with ethtool
- Parallel Programming with NVIDIA CUDA
- Readers' Choice Awards 2011
- 100% disappointed with the decision to go all digital.
- Linux-Based X Terminals with XDMCP
- Validate an E-Mail Address with PHP, the Right Way
- You Need A Budget
- The Linux powered LAN Gaming House
- Why Python?
- Python for Android
2 hours 59 min ago
4 hours 20 min ago
7 hours 3 min ago
11 hours 34 min ago
16 hours 40 min ago
17 hours 41 min ago
1 day 3 hours ago
1 day 3 hours ago
1 day 9 hours ago
1 day 12 hours ago