Saturday, September 29, 2007

Google Mail Vulnerability

This article in The Register describes a vulnerability in Google Mail / Google Groups wherein specially crafted email could compromise Google Mail and do bad things like install a filter in the victim mail account to siphon off email to the bad guy. (Other vulnerabilities were mentioned in Google Search Appliance and Google Picasa)

As the technology industry continues to focus on new features, new applications, constant change, it seems that we poor humans are left behind, unable to adapt so quickly to these new threats. We can barely teach people not to open suspicious attachments, so how does the average user know when emails could potentially have exploit code in them? It's my experience that the more you know about how things work under the covers the safer you can be (you have to be paranoid too) but expecting the average user to be a paranoid software coding expert is impractical to say the least.

We're not at that point in the industry where we've fool-proofed products. Maybe it is because of the continued flux in features and capabilities. When automobiles first made there appearance there were all sorts of designs and models. Eventually the market settled down and then we could worry about safety some 50-100 years later. Don't know if I care to wait that long for the computer industry.

1 comment:

  1. Interesting post and yes, the internet offers some very destructive capabilities... :-(


Note: Only a member of this blog may post a comment.