The New York Times

Ever since Google disclosed in January that Internet intruders had stolen information from its computers, the exact nature and extent of the theft has been a closely guarded company secret. But a person with direct knowledge of the investigation now says that the losses included one of Google’s crown jewels, a password system that controls access by millions of users worldwide to almost all of the company’s Web services, including e-mail and business applications.

The program, code named Gaia for the Greek goddess of the earth, was attacked in a lightning raid taking less than two days last December, the person said. Described publicly only once at a technical conference four years ago, the software is intended to enable users and employees to sign in with their password just once to operate a range of services.

Oops!

Found by Veronica Belmont.




  1. Lou Minatti says:

    John’s poo-poo’d the cloud for many reasons, but this one is the best.

  2. nun yac says:

    Is anyone else thinking about sellng their Goofle (Opps, is that really misspelled) stock? Seems like what your common sence has been telling you all along is probably correct. The cloud is not secure.

  3. deowll says:

    #2 I have to agree with you Google is not secure. Neither are my home computers or my house. Nothing is secure. Some data I leave inside my skull but my brain isn’t as reliable as I would like it to be either.

    How about yours?

    I trust Google to hold on to my data about as far as I trust anyone; not very far.

    I will note that when I first signed up for gmail and had given the address to no one I got two pieces of spam almost immediately. Not sure how that happened but so far that is the only spam that has shown up there. I basically use the account to email myself data that I might need to look at elsewhere.

  4. Ah_Yea says:

    Your friends and mine.

    C H I N A

    So I wonder what they are planning to do with this information??

  5. Glenn E. says:

    Of course, it’s CHINA. Because the NSA and CIA, have their own undetectable backdoor into Google. In fact it’s probably not even the Chinese government, hacking in. Because they can employ faked Certificates of Authority too. And eavesdrop via SSL, without detection. Morely like this is the Chinese mafia, or something.

  6. sargasso says:

    Just cleared out 70,000 emails on my Gmail account. I’m fool enough to think it matters, but I know they’re cached. A new 25 character alpha-numeric password tomorrow, in Maori. Read my ass, Charlie!

  7. Walter Bishop says:

    This, and the ease with which govt can obtain Google-resident info with (or maybe without) subpoena, is what will prevent the cloud world from taking over privately owned systems. Sorry, Google. Where I work, not only is Google Apps not used, it’s blocked.

  8. Winston says:

    So, whatever happened to this reason?:

    U.S. enables Chinese hacking of Google

    “In order to comply with government search warrants on user data, Google created a backdoor access system into Gmail accounts. This feature is what the Chinese hackers exploited to gain access.”

  9. jbellies says:

    #5 “NSA and CIA”

    NSA + CIA = CSAINA, a kind-of Hungarian China. I’m scared.


0

Bad Behavior has blocked 6042 access attempts in the last 7 days.