Kornman00
June 3rd, 2011, 12:42 AM
Article (http://www.msnbc.msn.com/id/43253703/ns/technology_and_science-security/).
Washington scrambled on Thursday to assess whether security had been compromised after Google revealed a major hacker attack targeting U.S. officials that the Internet giant pegged to China.
"These allegations are very serious," Secretary of State Hillary Clinton said.
"We take them seriously; we're looking into them," Clinton told reporters a day after the Internet giant said it had disrupted a campaign aimed at stealing passwords of hundreds of Google email account holders, including senior U.S. government officials, Chinese activists and journalists.
...
Why the FUCK is Google still storing the actual passwords to people's accounts >:|? If they store a salted hash of a user's password, this shouldn't be an as serious attack (but still a serious attack by those communist fortune cookie hackers overseas) since they can't actually steal the passwords themselves, but only derived binary data...
EDIT: never mind, appears their method this time (http://www.msnbc.msn.com/id/43254027/ns/technology_and_science-security/) was more so based on typical phishing schemes, not actual data penetration. The Secret Service or the FBI should do white hat phishing attempts on our retarded officials every year, to test if they're actually falling for stupid shit like this. I mean, come on, if an official is stupid enough to fall for phish bait, they shouldn't be in power...
Washington scrambled on Thursday to assess whether security had been compromised after Google revealed a major hacker attack targeting U.S. officials that the Internet giant pegged to China.
"These allegations are very serious," Secretary of State Hillary Clinton said.
"We take them seriously; we're looking into them," Clinton told reporters a day after the Internet giant said it had disrupted a campaign aimed at stealing passwords of hundreds of Google email account holders, including senior U.S. government officials, Chinese activists and journalists.
...
Why the FUCK is Google still storing the actual passwords to people's accounts >:|? If they store a salted hash of a user's password, this shouldn't be an as serious attack (but still a serious attack by those communist fortune cookie hackers overseas) since they can't actually steal the passwords themselves, but only derived binary data...
EDIT: never mind, appears their method this time (http://www.msnbc.msn.com/id/43254027/ns/technology_and_science-security/) was more so based on typical phishing schemes, not actual data penetration. The Secret Service or the FBI should do white hat phishing attempts on our retarded officials every year, to test if they're actually falling for stupid shit like this. I mean, come on, if an official is stupid enough to fall for phish bait, they shouldn't be in power...