{"id":4371,"date":"2005-01-14T20:26:25","date_gmt":"2005-01-14T19:26:25","guid":{"rendered":"https:\/\/destinationcyber.com\/?p=4371"},"modified":"2005-01-14T20:26:25","modified_gmt":"2005-01-14T19:26:25","slug":"les-indiscretions-de-gmail-a-son-insu","status":"publish","type":"post","link":"https:\/\/destinationcyber.com\/?p=4371","title":{"rendered":"Les indiscr\u00e9tions de Gmail… \u00e0 son insu"},"content":{"rendered":"

Une faille de s\u00e9curit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le service de webmail de Google, permettant d’intercepter les messages des utilisateurs.\n<\/p>\n

C’est en travaillant sur un script de liste de diffusion que des d\u00e9veloppeurs du site HBX Networks ont accidentellement d\u00e9couvert la faille : en envoyant \u00e0 plusieurs correspondants ainsi qu’\u00e0 soi-m\u00eame un simple e-mail, il est possible de d\u00e9tourner les messages d’utilisateurs de Gmail, le service de webmail de Google offrant 1 Gigaoctet d’espace de stockage.<\/p>\n

Apr\u00e8s avoir envoy\u00e9, via leur script Perl, une newsletter de test vers leurs propres bo\u00eetes Gmail, les d\u00e9veloppeurs ont eu la surprise de d\u00e9couvrir dans le champ \u00ab\u00a0Reply to\u00a0\u00bb (\u00ab\u00a0R\u00e9pondre \u00e0\u00a0\u00bb) du code HTML, qui s’est av\u00e9r\u00e9 \u00eatre un message – ou du moins une partie de ce message – venant de la bo\u00eete d’un des destinataires de la lettre.<\/p>\n

A la d\u00e9charge de Google, rappelons que son service de webmail est pour le moment toujours en phase de test. La soci\u00e9t\u00e9 high-tech californienne n’a pas encore r\u00e9agi \u00e0 cette vuln\u00e9rabilit\u00e9 \u00e0 l’heure o\u00f9 nous \u00e9crivons ces lignes.<\/p>\n

[source – vnunet.fr] Jean-Michel Manat<\/p>\n","protected":false},"excerpt":{"rendered":"

Une faille de s\u00e9curit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le service de webmail de Google, permettant d’intercepter les messages des utilisateurs.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_citadela_custom_class":"","footnotes":""},"categories":[15],"tags":[],"class_list":["post-4371","post","type-post","status-publish","format-standard","hentry","category-securite"],"_links":{"self":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts\/4371","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4371"}],"version-history":[{"count":0,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts\/4371\/revisions"}],"wp:attachment":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4371"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4371"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4371"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}