Google deliberately shrugs off serious vulnerability

VULNERABILITY COULD ALLOW ATTACKERS TO STEAL USER'S CREDENTIALS OR EVEN PUSH ARBITRARY FILES

>We've investigated your submission and made the decision not to track it as a security bug. Only first reports of technical security vulnerabilities that substantially affect the confidentiality or integrity of our users' data are in scope, and we feel the issue you mentioned does not meet that bar.

youtube.com/watch?v=P0AMf7aBOfc

aidanwoods.com/blog/faulty-login-pages


Time to hack some Jewgle users! ;^)

holy shit how are they not considering this a vulnerability

Can anyone confirm if this actually works?

So basically I can create a website that looks like Google's login. Inject the url of it into the legitimate login page. When someone fucks up their password, it redirects to mywebsitefakelogin.com. They input their credentials there, and it goes to my database instead.

That's what I got out of it?

Jesus christ, Google isn't considering this a security bug at all? What the fuck? Meeting that bar? Just fuck my shit up, senpaitachi

Google's services are such a bloated clusterfuck

they need to gather everything in 2-3 sites max

I don't think they even have to get it wrong. Any password they put into it, it redirects them, is what I am led to understand.

I literally just changed my password yesterday because someone from texas logged into my account
Fuck you google, at least it's full of spam and shit

Why are you not using 2 factor authentication?

using google IS a vulnerability senpai

Why do you have a Google account?

>phishing is considered news now
hello neo/g/

>currently exploitable security vulnerabilities are not relevant
You're either too tech-illiterate to know how to use this information, or you're a naïve white-hat cuck.

My iPhone 6S does not have this problem.

It doesn't have anything useful either

It has everything you need. Apple knows your needs. It's Apple after all. Apple.


Apple.

elaborate

You either give a valid phone number or use an android device.
No thanks, I'll take my chances with the email being hijacked.

It still works.

accounts.google.com/ServiceLogin?service=mail&continue=https://drive.google.com/file/d/0BzJA3kxsvXBqNFNvcGQzejBkZHM&ved=0ahUKEwibm96V9O7OAhXEPiYKHeVtD80QFggpMAY&usg=AFQjCNHIOHCvdyX6IhWFDhiJ-WROxJaidg

What am I looking at? It's a PDF

>Not using 2 step authentication
Wew

No idea. I just found this link when I searched websites for public google drive files and it has scary Russian text.

It's "download album бacтa 5 through torrent direct link" and a bunch of "downloaded, fine, thanks, you're the best, totally not malware".
Or hell, who knows, maybe it's legit. VKontakte is a hive of warez in general, because Russian site. I think. I have torrents, so I never even tried to get anything from there.

>actually clicking a link somebody posted on Sup Forums

>handing out your phone number to google

>Letting Chinese log into your account without effort

I used to use google voice b/c of the free offer w/ sprint
Then I realized every call log (not the call itself, but time, people and duration) was logged and there was no option to mass delete. I had to go by pages of 10 deleting for over two years' worth of calls.

what a fucking waste of trips

No viruses on Linux.
I guess the fact that I set up a sandbox for firefox just today might help a bit too.
In the worst case scenario, it installs somewhere in home, somehow manages to get itself to run with no privileges (good luck), and then I kill it next time I go into htop and notice the suspicious daemon.

>youtube.com/watch?v=P0AMf7aBOfc
how the fuck did he come up with that

Not falling for it

>No viruses on Linux.

Hey, hey buddy.
Hey. Look at this.
Sup Forums.reddit.com

>Not porting your phone number to Project Fi for google phone service

He is demonstrating that the "continue" parameter can accept pretty much anything on google so you can make a fake page redirect to a trojan hosted on google servers.

reddit.com/r/Sup Forums

SURPRISE

>using the smiley with a caret nose