• On GameSpot: So-called 'Halo killer' gets 23 to life
August 1, 2008 1:51 PM PDT

Security Bites 110: Breaking Google Gadgets

by Robert Vamosi

From gadgets that slide-show pictures of vacations past to calendars that show events in the future, Google Gadgets look cool. But they also have the potential to contain vulnerabilities like anything else within Web 2.0.

By design, Google Gadgets allow scripted code to be uploaded by the end user, creating interesting new attack vectors for those with malicious intent.

CNET's Robert Vamosi talked with Robert Hansen (aka Rsnake), chief executive of SecTheory, and Tom Stracener (aka Strace) of Cenzic. Both will be presenting a talk called "Xploiting Google Gadgets: Gmalware and Beyond" at the annual Black Hat conference in Las Vegas next week.

During the talk, they plan to disclose a zero-day vulnerability in Google Gadgets that will make Gmalware (Gmodules-based malware) a significant threat.


Listen now: Download today's podcast

As CNET's resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security. Listen to his podcast at securitybites.cnet.com or e-mail Robert with your questions and comments.
Topics:

Security,

Podcasts

Tags:

security,

Security Bites,

Robert Hansen (Rsnake),

Tom Stracener (Strace),

Google Gadgets,

Gmail,

Web 2.0

Share:
Digg
Del.icio.us
Reddit
Recent posts from Security Bites podcast
Security Bites 122: IBM sees security challenges ahead
Security Bites 121: What Microsoft's Geneva means for online IDs
Security Bites 120: When social networks host malware
Security Bites 119: Does the Internet need its own Interpol?
Security Bites 118: Voting in America
Security Bites 117: How 'Clickjacking' attacks hide behind the mouse
Security Bites 116: Investigating data breaches
Security Bites 115: Inside ID fraud's underground forums
Related
Zero-day flaw found in Web encryption
Week in review: Data loss disasters
Critical Windows 7 holes fixed in record Patch Tuesday
The 404 452: Where we built this podcast on rock and roll
Microsoft to patch zero-day SMB, IIS holes
CNET News Daily Podcast: Much ado about extended warranties
CNET News Daily Podcast: Snow Leopard and Win 7 faceoff
Q&A: Eric Schmidt wants Google in your office
Add a Comment (Log in or register)
by jef5623 August 3, 2008 11:20 PM PDT
Google Gadgets have to look into its security vulnerabilities if they are to enter the 7th age of computing
Reply to this comment
by benjaminstraight August 4, 2008 3:50 AM PDT
There is a risk, like every other app.
Reply to this comment
Subscribe to the Security Bites podcast

Subscribe to this podcast using an RSS reader other than iTunes

Subscribe to this podcast using iTunes

advertisement

FAQ: Buying the right Windows 7 upgrade

Readers still have lots of questions on just which version of the software they need to buy in order to upgrade their PC. CNET News tries to offer some answers.

N.Y. lawsuit details Intel's 'largesse' toward Dell

Attorney General Andrew Cuomo's federal antitrust case filed Wednesday alleges a longstanding symbiotic relationship between Intel and Dell.

About Security Bites podcast

Backdoors, pharming, botnets, phishing, rootkits, viruses, worms. Feeling vulnerable? Every Friday, CNET.com's Robert Vamosi will tell you about the latest security threats, what's coming, and how to protect your system.



View all Security Bites podcast episode blog entries

Add this feed to your online news reader

Security Bites podcast topics

Related links
Robert's Defense in Depth blog
CNET's Security Center
Security news
Security blogs
Spyware, viruses, & security forum
Top security and spyware downloads
Other CNET podcasts
Meet the host of Security Bites
Robert Vamosi Robert Vamosi has appeared on CNN, NBC, ABC, MSNBC, and various other media outlets as an expert on computer viruses, spyware, identity theft, phishing, and other criminal activities on the Internet.
advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET