VULNERABILITY COULD ALLOW ATTACKERS TO STEAL USER'S CREDENTIALS OR EVEN PUSH ARBITRARY FILES
>We've investigated your submission and made the decision not to track it as a security bug. Only first reports of technical security vulnerabilities that substantially affect the confidentiality or integrity of our users' data are in scope, and we feel the issue you mentioned does not meet that bar.
holy shit how are they not considering this a vulnerability
Adam Ortiz
Can anyone confirm if this actually works?
Samuel Ward
So basically I can create a website that looks like Google's login. Inject the url of it into the legitimate login page. When someone fucks up their password, it redirects to mywebsitefakelogin.com. They input their credentials there, and it goes to my database instead.
That's what I got out of it?
Ryder Flores
Jesus christ, Google isn't consider this a security bug at all? What the fuck? Meeting that bar? Just fuck my shit up, senpaitachi
Austin Watson
Google's services are such a bloated clusterfuck
they need to gather everything in 2-3 sites max
David Gonzalez
i dont think they even have to get it wrong. any password they put in to it it redirects them is what i am led to understand.
Oliver Jones
I literally just changed my password yesterday because someone from texas logged into my account Fuck you google, at least it's full of spam and shit
Asher Bell
Why are you not using 2 factor authentication?
Aiden Gonzalez
using google IS a vulnerability senpai
Dominic Lopez
Why do you have a Google account?
Aiden Wood
>phishing is considered news now hello neo/g/
Dylan Morgan
>currently exploitable security vulnerabilities are not relevant You're either too tech-illiterate to know how to use this information, or you're a naïve white-hat cuck.
Carter Cooper
My iPhone 6S does not have this problem.
Kayden Sanchez
It doesnt have anything useful either
Dominic Stewart
It has everything you need. Apple knows your needs. It's Apple after all. Apple.
Apple.
Ayden Perez
elaborate
Owen Rivera
You either give a valid phone number or use an android device. No thanks, I'll take my chances with the email being hijacked.
No idea. I just found this link when I searched websites for public google drive files and it has scary Russian text.
Landon Rivera
It's "download album бacтa 5 through torrent direct link" and a bunch of "downloaded, fine, thanks, you're the best, totally not malware". Or hell, who knows, maybe it's legit. VKontakte is a hive of warez in general, because Russian site. I think. I have torrents, so I never even tried to get anything from there.
Tyler Bell
>actually clicking a link somebody posted on Sup Forums
Jace Parker
>handing out your phone number to google
Elijah Anderson
>Letting Chinese log into your account without effort
Dylan Collins
I used to use google voice b/c of the free offer w/ sprint Then I realized every call log (not the call itself, but time, people and duration) was logged and there was not option to mass delete. I had to go by pages of 10 deleting for over two years worth of calls.
Kevin Allen
what a fucking waste of trips
Landon Bennett
No viruses on Linux. I guess the fact that I set up a sandbox for firefox just today might help a bit too. In the worst case scenario, it installs somewhere in home, somehow manages to get itself to run with no privileges (good luck), and then I kill it next time I go into htop and notice the suspicious daemon.
>Not porting your phone number to Project Fi for google phone service
Nathan Ward
He us is demonstrating that "continue" parameter can accept pretty much anything on google so you can make a fake page redirect to a trojan hosted on google servers.