What is Digg?Sponsored by Sony Pictures
Do you believe the 2012 Mayan Prophecy? view!
whowillsurvive2012.com - The Mayan Calendar predicts the end of time: 2012. See the trailer for 2012, opening November 13.
61 Comments
- claybird, on 10/11/2007, -5/+54This is proof of how broken digg has become, if you sit and wait people just keep digging. Damn diggers.
[/sarcasm] - actorboy, on 10/11/2007, -3/+48Yes, but there was a picture of a dog reassuring a kitty! Priorities, man!
- stuartcow, on 10/11/2007, -2/+31perhaps you spoke a bit too soon...
- Dested, on 10/11/2007, -4/+26If you have people monitoring your traffic I think you have more problems than encrypting your gmail password will solve.
- brasso, on 10/11/2007, -0/+19I had no idea that it was built in! I’ve always used the CustomizeGoogle extension for Firefox to do the same thing, but since it’s already there, why isn’t it enabled by default?
- Lancer383, on 10/11/2007, -0/+18I *think* GMail Notifier on Windows is set to send password securely by default. When I clicked the preferences menu, there was a box at the bottom of the screen that said "Use unsecure connections" but that was unchecked.
- DiddyWolf, on 10/11/2007, -1/+17Any equivalent option for the windows notifier?
- mrbudman, on 10/11/2007, -2/+17Um.. a simple sniff of your traffic shows this is not the case.. The login info is sent https..
There was a reason this should not be on the dugg -- it's FUD.. Use your fav tool to capture your traffic, wireshark, tcpdump - look for yourself.. I never see my username an or password in clear text going out the wire.
Buried as inaccurate. - dgh1973, on 10/11/2007, -1/+15This is not completely accurate folks... see for yourself:
sudo tcpdump -i en1 tcp port 443
[...]
10:01:10.944714 IP 192.168.105.106.49805 > an-in-f83.google.com.https: S 3840873356:3840873356(0) win 65535
For those that don't understand the output above, this is tcpdump showing that google notifier uses HTTPS to connect to gmail, meaning that it is NOT sending passwords over the network in the clear. This may apply to previous versions of the gmail notifier but the most recent version is doing things securely already. - inactive, on 10/11/2007, -0/+12MrBudman is correct. The login event is sent via https. "Fix" your unbroken "security hole" if you wish but you're not only wasting your time but you're adding cycles to your compy.
Buried as inaccurate. - blog4charity, on 10/11/2007, -3/+15the article comes from macosxhints.com so there's a hint for you
- santy, on 10/11/2007, -2/+13Here's a quick solution for windows users...
http://www.wikihow.com/Hack-Gmail-Notifier-to-Use-SSL - uptown, on 10/11/2007, -0/+11Yeah .... 'Cause I click on every directly-linked EXE file I find on the net.
- 137Scene, on 10/11/2007, -4/+15That's a handy feature for a security issue I didn't even know existed.
- zolaar, on 10/11/2007, -1/+12Mac people are always so friendly!
- inactive, on 10/11/2007, -1/+11Yes, isn't it terrible that it takes 19 hours for a story to get to front page?[/sarcasm]
- Bromskloss, on 10/11/2007, -6/+16It talks about a "Notifier menu". What is that?
Also it mentions "Command" and "Option", which sounds like Apple keys. What should the rest of us do? - MrHappy123, on 10/11/2007, -10/+19I don't play with toys anymore
- migitalwarfare, on 10/11/2007, -1/+10you don't deal with elitist morons, and yet, here you are name-calling and acting like you're better than someone else.
- matrixbandit, on 10/11/2007, -1/+10For you to say such a thing makes me wonder if you understand the basic concept of security at all. Try this sentence: "If there are people who might want to come into your house and steal your stuff, you have more problems than locking your doors will solve"
Maybe in some kind of philosophical sense, you're right, but I'm still going to lock my doors and run my sensitive traffic over secure connections when possible. I don't know, it just seems like the thing to do. - rello, on 10/11/2007, -5/+10Google Notifier is little software available for Windows and Mac OS X. On Windows the feature of being alerted when you receive a gmail message is already included in Google Talk, therefore I suppose few users are using Google Notifier for Windows. In addition to that, Google Talk default settings correctly implements security using https for browsing gmail website.
On Mac OS X the default settings of Google Notifier don't use https.
So good this tip is definitely for Mac OS X .... and also the website the tip is hosted on is a clear indication: http://www.macosxhints.com/ ..;-) - Phoenixfury, on 10/11/2007, -0/+4I use the Gmail notifier on Windows as well and just simply do not want to use Google Talk just to check my email. It would be nice to know 100% for sure if Gmail notifier is secured on a Windows PC.. Otherwise I guess I'll have to use Google Talk even if I don't wish to do so. It's better to be secure than sorry.
- brasso, on 10/11/2007, -0/+4Sorry for the double post, my first one didn’t show up so I rewrote it... seems like it was there anyway.
- inactive, on 10/11/2007, -2/+6Feeling like a bonehead higherlife?
- nonsequitor, on 10/11/2007, -2/+5Unless you're planning on going here: http://defcon.org
Then you would end up on the Wall of Sheep.
Ever use the net at a coffee shop?
Maybe you should pay attention in case someone changes your gmail password THEN uses it to reset your paypal password.
How about airport WiFi?
Do you ever automatically associate with access points?
There are people who create ad-hoc wifi networks with their laptop as the gateway to the internet, they can execute whatever man in the middle attack they want.
In conclusion, you sir are an idiot for suggesting that people not use the most secure method by default. - ubuwalker31, on 10/11/2007, -0/+3Give me a break. Any idiot on your network with a packet sniffer can read an unencrypted password...so, if you use gmail notifier at work or school, you have a problem, potentially. Or if you have a jealous spouse or child or in-law, etc.
- scabbers, on 10/11/2007, -0/+3Just for the record, if a person is using the same password for everything, (or even just more than one thing) they're going to be in a whole world of woe one day.
Passwords should be as strong as possible, long with random letters numbers and symbols.
Despite what some idiot "experts" say, writing down your passwords isn't bad. Just don't stick it on the screen in a post-it. - diggimator, on 10/11/2007, -0/+3You might want to check that: http://www.wikihow.com/Hack-Gmail-Notifier-to-Use-SSL (credits go to santy below)
I'm away from Windows machines right now, so I can't check myself. - nastysquar3d, on 10/11/2007, -2/+4Gmail Manager Firefox extension is my bread and butter.
- spyrochaete, on 10/11/2007, -1/+2This is my favourite one too. I set up my other email domains through the free Google Apps and this is the only extension that will check all those accounts for me.
- j0hneb0y81, on 10/11/2007, -0/+1fine. here http://gena.johneboy.com/
- thehigherlife, on 10/11/2007, -0/+1yes i am.
- haelios, on 10/11/2007, -0/+1Seems plausible, but can anyone with Ethereal or Wireshark confirm that this works?
- diggimator, on 10/11/2007, -0/+1Eh? On Windows, I have both installed and I only have Gmail Notifier run on startup for daily use. I just want the system tray notifier icon, not a chat app. (Most people I chat with don't use it anyway.)
- rello, on 10/11/2007, -0/+1Google Notifier for WIndows acts the same way as Google Notifier for Mac OS X. Basically the authentication is done securely, and all the other traffic is in clear.
- ascheinberg, on 10/11/2007, -1/+1I tried it. Notifier still works, although I haven't yet checked if it's actually using SSL.
- kg4asz, on 10/11/2007, -0/+0sounds like bull to me
- rello, on 10/11/2007, -1/+1user tvl at macosxhints made a good point here:
http://www.macosxhints.com/comment.php?mode=view&cid=88579
The authentication is done securely. Is all the rest (browsing/reading/writing) that is not using https.
So the tip is still useful and is also nice to know that our credentials were not sent in clear prior to applying the tip. - a7md2008, on 12/24/2008, -0/+0http://www.e22e.com
http://www.6rb6.com
http://www.c600c.com
http://www.9ii9.com
http://www.z600z.com
http://www.action-gm.net/vb
http://www.6rb6.com/cut390.html
http://www.6rb6.com/cut313.html
http://www.ya3mri.net
http://www.6rb6.com/sub360.html
http://www.6rb6.com/sub362.html
http://www.6rb6.com/sub366.html
http://www.6rb6.com/sub363.html
http://www.6rb6.com/sub364.html
http://www.6rb6.com/cut393.html
http://www.6rb6.com/sub361.html
http://www.6rb6.com/sub365.html
http://www.6rb6.com/sub367.html
http://www.x600x.com
http://www.9df7.com - totorototoro, on 10/11/2007, -1/+1I doubt Google would have left this security hole open...anyone have actual confirmation the passwords are sent unprotected?
- inactive, on 10/11/2007, -2/+1lol indeed. I was wondering if anyone was going to say that.
- ajvjdsa, on 12/18/2007, -1/+0 UNDERGROUNDSURVEILANCE IS BACK IN ASSOCIATION WITH ASTALAVISTA-SURVEILANCE ™
Wanting to know your friends password or is your girlfriend having an secret affair.or is your partner cheating you or u want to know what your child is doing online.for all the answers you only require the password.
how easy would it be if only u had their email password .now you can get the required password very easily just contact our agency that is the underground surveilance.
we get the passwords price you decide.
just SEND US A MAIL AT THE ADDRESS BELOW WITH YOUR DETAILS AND WHY U WANT THIS INFO....
undergroundsurveilance@gmail.com
WE ARE A GROUP OF HIGHLY QUALIFIED PROFESSIONALS IN INFORMATION TECHNOLOGY AND ADVANCED SECURITY TECHNOLOGIES ... WE COME TOGETHER TO PROVIDE SERVICE IN THE FOLLOWING PROBLEMS FACED BY MANY PEOPLE:
1)CHEATING BY SPOUSE.
2)CHEATING BY EMPLOYEE BY STEALING AWAY SECRETS AND PASSING THEM TO COMPETITORS.
3)CHILDREN SURFING INTERNET FOR A LARGE AMOUNT OF TIME.
4)HUSBAND SPENDING TIME ON THE NET WITH SOMEONE ELSE.
5)WIFE DATING THROUGH ONLINE DATING SITES.
SO IF YOU THINK THAT YOU ARE A VICTIM OF ALL THESE THINGS..THEN U MIGHT BE IN NEED OF PROFESSIONAL SURVEILLANCE LIKE US.
WE DO NOT DO BIG ADVERTISING AND OWN HI-5 INTERNET SITES.NOR DO WE MAKE USE OF SPECIALISED MARKETING LANGUAGE,WE ONLY CRACK PASSWORDS FOR A CAUSE AND THAT TOO FOR A REASONABLE PRICE ON THE INTERNET.
WE ONLY WANT TO TELL YOU THAT WE HAVE A VERY GOOD SUCESS RATE.AND WE ARE RELIABLE
REST ASSURED,WE DO NOT LET THE VICTIM KNOW ANYTHING ABOUT YOU.SINCE WE DONT MAKE USE OF ANY INFORMATION GIVEN TO US BY OUR CLIENTS,NOR DO WE PROVIDE INFORMATION PROVIDED BY YOU TO ANY THIRD PARTIES,WHO MIGHT THEN BLACKMAIL YOU OR POSSIBLY THREATEN YOU MONEY FOR MONEY.
WE GIVE OUR CLIENTS FULL CONFIDENTIALITY.
THE ACCOUNTS WE RECOVER PASSWORDS ARE OF :
1)YAHOO
2)HOTMAIL
3)MSN
4)GMAIL
AND A FEW OTHERS.
********************NO SCAM POLICY*******************
WE ALSO VERIFY THE PASSWORD BEFORE AND AFTER RECEIVING PAYMENT..AND ALSO BEFORE SENDING THE PASSWORD.
IF INCASE THERE IS A CHANGE THEN WE NOTIFY OUR CLIENTS ABOUT THE CHANGE AND STOP THE MONEY TRANSFER.AND WE START ALL OVER AGAIN TO GET THE PASS AT NO EXTRA COST....
WE STRICTLY DO NOT TAKE WEBSITE DEFACING ORDERS,AND ALSO NOT TAKE ANY ORDERS WHICH ARE USED FOR MISUSING THE INFORMATION WE GIVE YOU.
YOU CAN REQUEST OUR SERVICE AT THE FOLLOWING ADDRESS.WE ALSO HAVE SUPPORT IF YOU HAVE ANY QUERIES.
undergroundsurveilance@gmail.com
KEYWORDS :
hacking passwords, password hacking, email
password , hotmail passwords,
computer password hacking, computer
passwords,H@ckers, password protection, password,Reasonable ,proofs ,cheap,cheapest,very cheap,flirt,dating,investigation,partner cheating,business cheating,lover
generation, passwords, hack, hacking,girl,Site defacing,SQL implementation,boyfriend, hackers,GENUINE ,internet surveillance,SERVICES ,Extramarital Affair,Domestic Infidelity Adultery Investigations,
hack passwords, hack aol passwords, hack yahoo passwords, hack hotmail passwords, hack email passwords, how to hack, crack, phreak, cheat,computers, computers, utilities, utils,virus, mail, e-mail, crackz, cd, hacking info,informational hacking, information hacking, hack now hack hotmail password hack yahoo password hack Aol password hack MSN password crack msn passwordcrack hotmail password crack yahoo password crack aol password hack or crack any password withoutchange it,hack hotmail password hack yahoo password hack Aol password hack MSN password crack msn passwordcrack hotmail pasword crack yahoo password crack aol password hack or crack any password without change it,cheating,spouse,husband,girlfriend,infidelity. - MistaMatt90, on 10/11/2007, -2/+1Almost every site you use sends your info in clear text. Since tons of people use the same password for everything, they could easily get your gmail info from those.
- scabbers, on 10/11/2007, -2/+1Digg really is the noob central nowadays. I'm going back to Slashdot.
- slapthemonkey, on 10/11/2007, -3/+2Great feature.
- netwolfalpha, on 10/11/2007, -2/+1I use the Better gMail extension in Firefox which "forces Gmail connection (https)."
- seniorfrito, on 10/11/2007, -3/+2Yeah this is stupid. Not only is it incorrect, but the dude writing the tip is doing it only using Mac. So therefore anyone who doesn't use Mac is completely lost. It's not true guys, buried for stupidity.
- mablco, on 10/11/2007, -3/+2shut up!
- scabbers, on 10/11/2007, -5/+3Oh wait this is a mac thing, nevermind... maybe some ***** has made gmail notifier unsecure on mac. Fail.
Digg is forgiven. -
Show 51 - 62 of 62 discussions
The Digg Toolbar for Firefox lets you Digg, submit content, and keep track of Digg even when you're not on the Digg site. Download the official 
© Digg Inc. 2009
— Content created and posted by Digg users is