Well, I am sure it is on their (and several others like Yahoo) to do list since quite sometime. Performance as we read in the article is the major concern. It all boils down to business in the end. Many love Gmail for it's speed. Rare are those who look into what we are looking at. Unless there are some business feasible technological advancements or users themselves demanding it more religiously, this is going to take some time.
Having said that it is delighting that Google is hearing & making an effort to see what it could do. Cheers! On Sat, Jun 27, 2009 at 6:44 PM, Soi, Dhruv<[email protected]> wrote: > Post wasn't about the issue rather about the google's initiative to > remediate...Though, dates are still not available so till then enjoy the > hits at your blog :-) > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Bishan Singh > Sent: Thursday, June 25, 2009 12:17 PM > To: [email protected] > Cc: [email protected] > Subject: Re: [Owasp-delhi] Google to enhance gmail and cloud apps security > which isn't that secure, yet > > Dhruv - I had posted an analysis of the issue on my blog in May last > year. Here is the link > http://bishankochher.blogspot.com/2008/05/gmail-session-hijacking-in-7steps. > html > > This issue is not related to Gmail alone. I had successfully > demonstrated it for Yahoo & several other financial apps (during pen > tests I was hired for) > > It is nothing new but the impact is grave considering the mobility we > live with these days. > > > On Thu, Jun 18, 2009 at 2:39 PM, Soi, Dhruv<[email protected]> wrote: >> > http://blog.taragana.com/index.php/archive/google-to-enhance-gmail-and-cloud > -apps-security-which-isnt-that-secure/ >> >> _______________________________________________ >> Owasp-delhi mailing list >> [email protected] >> https://lists.owasp.org/mailman/listinfo/owasp-delhi >> >> > _______________________________________________ > Owasp-delhi mailing list > [email protected] > https://lists.owasp.org/mailman/listinfo/owasp-delhi > > _______________________________________________ Owasp-delhi mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-delhi
