Gmail password hijacking

By Tom | March 10, 2008

Jeff Atwood at Coding Horror outlines how a software used for backing gmail was use to collect gmail login details.

I was looking for a way to back up my gmail account to a local drive. I’ve accumulated a mass of important information that I would rather not lose. During my search I came across G-Archiver, I figured what the heck I’ll give it a try.
It didn’t really have the functionality I was looking for, but being a programmer myself I used Reflector to take a peek at the source code. What I came across was quite shocking. John Terry, the apparent creator, hard coded his username and password to his gmail account in source code. All right, not the smartest thing in the world to do, but then I noticed that every time a user adds their account to the program to back up their data, it sends and email with their username and password to his personal email box! Having just entered my own information I became concerned.

Coding Horror: A Question of Programming Ethics.

Stumble it! Sphere: Related Content

Topics: Technology |

Add to Netvibes Subscribe with Bloglines Small NewsSmall News Feed Subscribe to Small News:Get all the News In Small on your cell phone

« Banning Torture Bill vetoed by Bush | Home | EU Approves Google takeover of DoubleClick »

Small-News Widgets

Download the Small-News.com Yahoo Widget, and NEVER miss a Breaking News


Download
.Mac (Apple Computer, Inc.)

Quote of the Day

April 22, 2008

Men often hate each other because they fear each other; they fear each other because they don’t know each other; they don’t know each other because they can not communicate; they can not communicate because they are separated.Martin Luther King, Jr.



Comments are closed.


Tag: