How a Google Headhunter’s E-Mail Unraveled a Massive Net Security Hole
Source: Wired - Posted by Pooja Shah   
Cryptography So he wondered if the e-mail might have been spoofed – something sent from a scammer to appear to come from the search giant. But when Harris examined the e-mail’s header information, it all seemed legitimate. Then he noticed something strange. Google was using a weak cryptographic key to certify to recipients that its correspondence came from a legitimate Google corporate domain. Anyone who cracked the key could use it to impersonate an e-mail sender from Google, including Google founders Sergey Brin and Larry Page.

Read this full article at Wired

Only registered users can write comments.
Please login or register.

Powered by AkoComment!