Thursday, October 8, 2009

Is outsourced email fundamentally insecure?

How secure can you make a hosted service? I was reading about the recent Hotmail/Google username blunder and the thought struck me that the security model might be fundamentally flawed. After all, if they force the use of an email address as a login identity then you have automatically given away your login identity to everyone whom you have sent an email, and by extrapolation a hacker could figure out the login for most other employees in your company eg

'Let's see now... if "John Smith" becomes "jsmith@xyz.com" then his boss "Rita Rose" should be "rrose@xyz.com".'

The same article pointed out that around 40% of people had the same password for every website they used and when you consider that most people on that list had a very simple password then it shouldn't take too long for a dedicated hacker to get external web access to a couple of email accounts in your corporate system.

Am I missing something here or is this a time bomb waiting to explode in Google's face?
.

2 comments:

Gavin Bollard said...

I don't really see how this is Google's problem.

People who use stupid passwords and who don't change them are the same as people who don't bother locking the doors when they leave their house.

They're responsible. Not the provider.

As to the user name... Usually, it's pretty simple to figure out other people's logons to all kinds of systems.

Notes is (sometimes) more secure, except when you have a network folder (or diskette) full of people's IDs with the password set to "password"... and someone gets disgruntled...

Graham Dodge said...

@Gavin,

At the risk of playing semantics, I believe that this issue is quite clearly Google's problem although you may be justified in claiming any actual security breach it is not their fault. If this email=username model assists a hacker to create a massive security breach then I believe that the Google SAAS model will incur quite bad PR as a result.

Whether the security failure is Google's fault or not will be quite irrelevant to the rapid spreading of that bad PR.

.