Šobrīd vairs nav miera nevienam un nepaliek nepamanīts praktiski neviens produkts vai serviss, it īpaši, ja tas ir ļoti populārs. Drošības speciālisti ir pabakstījuši Googles servisus un atraduši tur pāris vājās vietas. Vienu tādu nepilnību Googles speciālisti novērsa, bet drošības eksperti uzskata, ka var būt vēl šis tas nesalāpīts.
The Google hole is an example of a common security problem affecting Web sites that dynamically generate Web pages based on input from unknown sources, such as Web surfers, according to a vulnerability note written in 2000 by the Computer Emergency Readiness Team at Carnegie Mellon University in Pittsburgh. (See: http://www.cert.org/advisories/CA-2000-02.html.)
Google developers appear to have missed that four-year-old warning and the company did not respond to repeated e-mails sent to an address for reporting security holes, Ley said.
In patching it, Google developers changed their code to prevent javascript and vbscript, but may have left open other avenues of attack, Ley wrote in an e-mail.
"… but may have left open other avenues of attack …" – skan jau varen rožaini 😉
Jap šitas jau dzirdets…
SIETa programmatūra ir pieejama downloadēšanai!
http://www.siets.net/server/
hakeri ir visur.
Pokemoņi arī.