
Ask HN: What if gmail was compromised? - kamikaz1k
I vaguely remember years ago reading a hypothetical post about what would happen if gmail was shipped with a vulnerability that disabled password check. And essentially it would lead to the world ending.<p>The author&#x27;s claim was that it might not be so farfetched because there was a time when dropbox shipped a version with the password check disabled.<p>I was hoping someone would remember it and or link it.<p>Or failing that, what are people&#x27;s thoughts on what would happen if such a vulnerability was shipped today.
======
hkai
It's actually on my TODO list to write a book about that.

The idea being:

\- Every geographic location you ever visited, every password, every google
search you made is now available to anyone publicly, with a convenient web
search interface.

\- People are digging through your data to figure out that you visited this
brothel in Thailand, or googled the N-word back in 2009, and activists will
send that information to your employer, friends and family. Every query you
entered on a porn site. Every time you bought drugs online. Every comment you
left on any site. Every sex toy you bought. Every photo you thought was
deleted. Everything.

\- Finally, the hacktivists who performed this selectively left out roughly
50% of the data, the data of the people who are on "their side", their
supporters, and included only the data of the groups they don't like.

~~~
deanmoriarty
This was so scary and well written, I applaud your style.

Do you know if there is some similar material to what you’re describing
online? I’m not talking about the leaks themselves, just stories/books about
these distopian scenarios.

~~~
nf05papsjfVbc
At an abstract level, "Animal Farm" is not far from such a theme.

~~~
deanmoriarty
Yeah, I read that book, phenomenal read. Was more thinking of something
focused on potential big tech giants' leaks implications.

------
gitgud
Well my theory is that if Gmail was "hacked" or exposed, huge parts of the
internet would be compromised.

Hundreds of millions of Gmail accounts are the central point of failure in a
lot of people's lives. Each account can be used to:

\- reset other website accounts

\- blackmail

\- identity theft

\- password discovery

\- socially hack connected friends, via phishing

It's a cascading failure that would completely undermine the trust of Google
in the public perception.

Although this is possible I'm sure it's highly unlikely...

------
kamikaz1k
Found the "article" I was talking about:

[https://youtu.be/y4GB_NDU43Q](https://youtu.be/y4GB_NDU43Q)

It's a talk by Tom Scott

~~~
gitgud
Years ago, when I first saw this talk, I wasn't paying attention at the
beginning and thought this really happened.

These days it would surprise me if this kind of event happened tomorrow...

------
jamieweb
Even worse could be an RCE vuln in Chrome at the same time that the google.com
search page gets compromised...

Also I think the post you're talking about is this video by Tom Scott:
[https://youtu.be/y4GB_NDU43Q](https://youtu.be/y4GB_NDU43Q)

------
swedish_mafia
Even worse, slack.

------
Endy
Not much would happen. Another minor flutter in the tech world, a bunch of
people finally realizing just how much they've given up to one company, and
then everything would go back to normal, and everyone would forget that Google
rules their existence. Besides, GMail is already compromised - it's a Google
product and they can (and do) examine the contents of your mail for potential
advertisement and to build their internal profile of you.

