Google Email Scandle

The media has claimed that the recent Google security exploit seemed to target Chinese dissidents, US politicians, and other people of influence, but I can tell you that the scope appears to be larger than that.  I also received a bogus email in my account from a friend that I trust.  The SMTP envelope had been validated by Google/Gmail, but it was an obvious hoax.  The media is claiming that the origin of the phishing attack was China, but my message seemed to originate from Australia.  Ho-hum.  I doubt that the Chinese government could glean much from anyone who has fallen prey to a phishing attack so I have to suspect it was not state-sponsored.

One thing that HAS given me pause about this incident: The pervasive use of common authentication schemes on the Internet.  If someone were able to come by my Google/Gmail credentials, they would not only have access to copious amounts of junkmail, but they would be able to log into my YouTube, my Google source account (all my unfinished projects!), my Google/Performics affiliate account (real money), and who knows what else (think: Any site that allows you to log-in with your Gmail username and password).  I LIKE having a different username and password for every website.  Imagine if you were using the new Google Chromium OS as well and all of your files were on a cloud somewhere.  Presumably the attacker would have access to all that, too.  One more case to support the adage “Don’t put all your eggs in one basket.”


0 Responses to “Google Email Scandle”

  1. Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: