CERTIN (Indian Computer Emergency Response Team) has put out a warning that Google and its products are vulnerable to hacking.
It says: "Multiple vulnerabilities have been reported in a wide range of Google products such as Google Search Appliance, Google (Blogspot) Polls Application, Google's Picasa photo-sharing software, Google's Urchin Analytics service, including a persistent e-mail theft issue affecting the widely used GMail service." Read report here.
Today The Times of India carries a report based on the CERTIN warning; and the report includes quotes from CERTIN director and Google India' R&D head. CERTIN's director Gulshan Rai refused to specify factors that led to the advisory but said it was backed by valid reasons. Google India's R&D head Prasad Ram recently announced that its vision for India was to empower users "by providing organised, easily accessible information and products which encourage the creation and consumption of locally relevant content". Read TOI report here.
CERTIN has put out a few precautions:
- Users should be selective about how they initially visit a web site.
- Don't click links on untrusted web pages or in unsolicited emails.
- Disable all scripting languages in web browsers.
- Users should especially safeguard their browsers by installing patches for their browser in a timely manner.
Though I use the Internet, especially Google and its products, I'm in no way knowledgeable on these technical matters. It's for more tech-literate readers to tell us what one should make out of this. Since Google and its products are very popular, the implications of the warning are quite wide.
This is about everything that is evolving around us with time .... The changing trends .... Their highs and lows .... The changes that are making an impact on our lives .... From technology to social, economic and political issues ... Some books, some sports, some personal anecdotes.
Saturday, October 6, 2007
2 comments:
I appreciate your comments. Thank you.
If your email ID is enabled in the Blogger profile, I'll reply to your comments via email because you won't have to come back here or look through email notifications to read my reply.
I might copy-paste the replies here if I feel they might be of interest to others as well.
For everyone else, I'll reply here.
Subscribe to:
Post Comments (Atom)
> director Gulshan Rai refused to specify factors
ReplyDeleteHmm there's not much even a technical person can speculate based on something as vague as this :)
One thing in the TOI article was:
----
The data is usually gathered in the form of a hyperlink which contains malicious content within it. The user will most likely click on this link from another website, instant message, or simply just reading a web board or email message
----
So what this means is that a mail can contain a hyperlink that has the text "click here to unsubscribe" or something but the link actually points to something else. Eg Click here for free amazing wallpapers
So when you get mail from unknown user which looks like spam but may not be but you're not quite sure, keep the mouse over the image or the link, and look at the status bar of your browser to see where its going to and whether that looks authentic.
Another common theft approach is phishing, where a web page looks exactly like the real one, but is a dummy page. See more details here
http://en.wikipedia.org/wiki/Phishing
I am wondering what this is about.Phishing & teh such is applicable to everybody, why single out Google? In China google I think had to agree to provide search engine results ( some or all i dont know) to the government. Maybe there is some such argument brewing up...
ReplyDelete