Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Hacking Google accounts


Demons Halo's Avatar
Member
0 0

as we all know, the same Google account can give you access to all of Google's services. Google+, android market, gmail, google analytics, etc.

Now considering that Google use something similar to memchached in order to handle multi-service login status, I can't help myself from wondering: is it likely that some hacker group tries to hack that system and actually succeed?

Obviously Google use advanced security measures, yet still I want to hear your opinion on this subject. Are Google accounts hackable on a massive scale?


spyware's Avatar
Banned
0 0

>_<


Demons Halo's Avatar
Member
0 0

spyware wrote: >_<

thnx for your valuable input! you are such a charming woman!


ghostraider100's Avatar
Member
0 0

Who knows you should ask the hacker team who is going to hack gmail accounts.:):o


ghost's Avatar
0 0

Demons Halo wrote: as we all know, the same Google account can give you access to all of Google's services. Google+, android market, gmail, google analytics, etc.

Now considering that Google use something similar to memchached in order to handle multi-service login status, I can't help myself from wondering: is it likely that some hacker group tries to hack that system and actually succeed?

Obviously Google use advanced security measures, yet still I want to hear your opinion on this subject. Are Google accounts hackable on a massive scale?

I have spoken to one of the leading Google Security employees (in person), and I honestly doubt that any 'Hacker Group' whom you might as well refer to as 'Skiddie Group' will be able to pull off that trick. It is quite likely secured the same as a bank.

Basic Bank Security.

Different Operating Systems and Software, to get to the actual database you will have to penetrate through a few different systems.

Monthly pentesting, avoids the usage of 'known' exploits, therefore you need to be incredibly good with exploits yourself.

Intrusion Detection Systems (IDS) on hardware level.

Choke Points (Specific points you have to go through, but are extra secured).

There is of course a De Militarized Zone (DMZ) firewalled between the web- server and the rest of the network.

A lot of whitelisting (Hopefully do not have to explain this one).

There is one- way traffic logs, thus you cannot delete those.

I will quit listing things before I am writing a small book, but those are the most basic things. I think you got your answer, hopefully..


Mb0742's Avatar
Ultimate Headshot
0 0

Not to mention process will be running under a specific account. (it's how I would do it)

Lets say apache2 for example.

It will be running under minimal rights account that can access the www folder. Fork limits

I can guarantee the mysql server has built in query checking.

Whoops forgot to include the point of this post. "May as well be impossible"


shadowls's Avatar
You Like this!
90 0

*LOCKED