
Cyberattack on Google Said to Hit Password System - asnyder
http://www.nytimes.com/2010/04/20/technology/20google.html
======
anigbrowl
tl;dr January 12 attack on Google China _By clicking on a link and connecting
to a “poisoned” Web site, the employee inadvertently permitted the intruders
to gain access to his (or her) personal computer and then to the computers of
a critical group of software developers at Google’s headquarters in Mountain
View, Calif. Ultimately, the intruders were able to gain control of a software
repository used by the development team._

~~~
EricBurnett
Regarding the title of the article, the attackers stole the source to "Gaia",
the single-sign-on system used by Google, and could potentially find
previously-unknown security holes in it.

------
InclinedPlane
It's interesting how the world is changing. A whole host of "security"
measures protecting all manner of information and services at companies both
big and small are often based on a combination of security through obscurity
and the assumption that any attack will be limited in scale.

Much like the phase change that occurred in the industry as the internet
became popular and software developers could no longer ignore security I think
we're headed for another phase change / inflection point as the stakes get
raised. 5 years from now the default security assumption will probably be
something along the lines of: "assume a hostile 1st world nation already has
access to your internal network and is using a significant amount of resources
to gain as much information and access to internal services as possible".

------
erikstarck
I would be more surprised if someone did _not_ try to hack the Google login
system. I'm assuming they're under constant attack from hackers.

