Deja Goo? A New Gmail Exploit Strikes (Again)

Yet another Gmail exploit is targeting Google Gmail accounts. This time the exploit has to do with an attacker getting into your filters on your Gmail account and setting up new ones that forward mail to another account. "Brandon" at explains how it works.

Google "Gmail exploit" and you'll get hits ranging from the November 23, 2008 exploit to as far back as "Gmail Exploit Discovered by 14 years \[sic\] old Boy," posted in a forum in March 2006, and many more hits in between. The writers (and Google, by default) put the onus back onto the user—don't go to websites that are malicious, don't use your Gmail account for sending information that's important, and log out of your Gmail account if you're not using it.

But rather than blaming the victim, perhaps Google owes Gmail users an apology for the continued security flaws. At the least. Then if it wants to continue on its merry way, giving us even more Themes and even better targeted advertising, fine. (Because it will, anyway.)

Then, with all the goodwill generated by its simple "We're sorry," Google could pony up for at least one new security feature. It wouldn't be expensive, nor hard to create: a warning posted in the Inbox UI, perhaps below the Web Clips—"Privacy is an Illusion—Get Used to It, Act Accordingly. Signed, The Google Gmail Security Team."

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.