+ - How a Google Headhunter's E-Mail Unraveled a Massive Net Security Hole->
Submitted
by
concealment
concealment writes "The problem lay with the DKIM key (DomainKeys Identified Mail) Google used for its google.com e-mails. DKIM involves a cryptographic key that domains use to sign e-mail originating from them – or passing through them – to validate to a recipient that the header information on an e-mail is correct and that the correspondence indeed came from the stated domain. When e-mail arrives at its destination, the receiving server can look up the public key through the sender’s DNS records and verify the validity of the signature.
Harris wasn’t interested in the job at Google, but he decided to crack the key and send an e-mail to Google founders Brin and Page, as each other, just to show them that he was onto their game."
Link to Original Source
Harris wasn’t interested in the job at Google, but he decided to crack the key and send an e-mail to Google founders Brin and Page, as each other, just to show them that he was onto their game."
Link to Original Source
How a Google Headhunter's E-Mail Unraveled a Massive Net Security Hole More Login
How a Google Headhunter's E-Mail Unraveled a Massive Net Security Hole