Gmail Exploit, Say it Ain’t So!
- 0
- Add a Comment
- No Related Post
What many have titled to be the king of Web based E-mail has a security problem. This one seems to be a security flaw when it comes to special characters in the E-mail address.
If you have an email address with special characters like ‘John.Smith@gmail.com’, you could most likely be receiving emails meant for ‘JohnSmith@gmail.com’, which is a similar address without the special character. However, it was noted that emails sent from gmail accounts to addresses with special characters are delivered normally.
The accidental discovery was made by an in-house product engineer (who possesses a gmail address with special characters), when he started receiving emails meant for another account (an address without the special characters). While no malicious attacks have been reported, independent testing by WebHosting.Info’s news team confirmed the flaw.
Google has been notified of the issue and seems to have already implemented a workaround by denying registration of email addresses with special characters. While not easily exploitable, this flaw does raise the possibility of another person reading your personal emails.
You can read the rest of what WebHosting.Info had to say on the matter. In the long run though this sort of thing was bound to happen. Security gurus will soon be jumping all over this issue in the next few weeks till Google finds a permanent fix for the problem.