Hackers turned computer security specialists accuse Google of setting users up for online disasters by letting them personalize home pages with applications that could be tainted.
Software that hackers can trick people into installing on “iGoogle” home pages can track users’ activities and control their machines, SecTheory chief executive Robert Hansen said on Friday.
“I could force you to download child porn or send subversive material to China,” Hansen said. “The exploitation is almost limitless. Google has to fix it.”
Google lets people customize iGoogle home pages with mini-software programs called “gadgets,” such as to-do lists, news feeds, currency converters and calendars.
Hackers can program malicious code into proffered gadgets or break into systems hosted by engineers providing legitimate mini-programs.
“It turns out a lot of people who develop these things aren’t good at security,” Hansen said, citing research he and Cenzic security analyst Tom Stracener shared at the DefCon hacker gathering in Las Vegas.
“We pretty much break into anything we try,” Stracener said.
Hackers can resort to the tactic of luring Web surfers to sites that trick people into installing applications on iGoogle home pages.
A hacker can remotely control a victim’s computer as long as the iGoogle page is open.
Gmail users face danger from the same “hole” in security, said Hansen, whose hacker name is “RSnake.”
“We’ve been telling Google about these vulnerabilities for years and they have not made corrective actions,” Hansen said. “They chose to open the doors and insomuch put a lot of consumers at risk.”
Google says it checks gadgets for malicious code, rarely finding any, and that it removes tainted programs.
NO HUMAN ERROR: After the incident, the Coast Guard Administration said it would obtain uncrewed aerial vehicles and vessels to boost its detection capacity Authorities would improve border control to prevent unlawful entry into Taiwan’s waters and safeguard national security, the Mainland Affairs Council (MAC) said yesterday after a Chinese man reached the nation’s coast on an inflatable boat, saying he “defected to freedom.” The man was found on a rubber boat when he was about to set foot on Taiwan at the estuary of Houkeng River (後坑溪) near Taiping Borough (太平) in New Taipei City’s Linkou District (林口), authorities said. The Coast Guard Administration’s (CGA) northern branch said it received a report at 6:30am yesterday morning from the New Taipei City Fire Department about a
IN BEIJING’S FAVOR: A China Coast Guard spokesperson said that the Chinese maritime police would continue to carry out law enforcement activities in waters it claims The Philippines withdrew its coast guard vessel from a South China Sea shoal that has recently been at the center of tensions with Beijing. BRP Teresa Magbanua “was compelled to return to port” from Sabina Shoal (Xianbin Shoal, 仙濱暗沙) due to bad weather, depleted supplies and the need to evacuate personnel requiring medical care, the Philippine Coast Guard (PCG) spokesman Jay Tarriela said yesterday in a post on X. The Philippine vessel “will be in tiptop shape to resume her mission” after it has been resupplied and repaired, Philippine Executive Secretary Lucas Bersamin, who heads the nation’s maritime council, said
CHINA POLICY: At the seventh US-EU Dialogue on China, the two sides issued strong support for Taiwan and condemned China’s actions in the South China Sea The US and EU issued a joint statement on Wednesday supporting Taiwan’s international participation, notably omitting the “one China” policy in a departure from previous similar statements, following high-level talks on China and the Indo-Pacific region. The statement also urged China to show restraint in the Taiwan Strait. US Deputy Secretary of State Kurt Campbell and European External Action Service Secretary-General Stefano Sannino cochaired the seventh US-EU Dialogue on China and the sixth US-EU Indo-Pacific Consultations from Monday to Tuesday. Since the Indo-Pacific consultations were launched in 2021, references to the “one China” policy have appeared in every statement apart from the
More than 500 people on Saturday marched in New York in support of Taiwan’s entry to the UN, significantly more people than previous years. The march, coinciding with the ongoing 79th session of the UN General Assembly, comes close on the heels of growing international discourse regarding the meaning of UN Resolution 2758. Resolution 2758, adopted by the UN General Assembly in 1971, recognizes the People’s Republic of China (PRC) as the “only lawful representative of China.” It resulted in the Republic of China (ROC) losing its seat at the UN to the PRC. Taiwan has since been excluded from