Google needs to go back to the drawing board, as Password Alert is hacked in 24 hours

By Chris Stobing May 1, 2015

Well, that didn’t take very long.

Not even a day after its debut, a proof-of-concept exploit has been posted which fools Google’s push to protect people’s passwords from phishing attempts through a new extension in Chrome.

“It beggars belief,” said Paul Moore, an information security consultant at UK-based Urity Group who wrote the exploit. “The suggestion that it offers any real level of protection is laughable.”

The Password Alert extension was supposed to be able to keep an active eye on phishing attempts by scanning databases of known threats, and running them against any pages that asked for your Google account to login.

Some were hoping the extension could usher in a whole range of companies taking advantage of similar services, especially those like Facebook and Twitter which lease out their logins to destinations all across the web.

But, just by simply removing the Javascript block which controls the warning banner that pops up when a fraudulent site is detected, Moore was able to fool the extension into thinking his set-up phishing portal was a legitimate resource.

Google responded to the problem by quickly updating its service to block that specific route of entry, but just a day after that, Moore returned with a second crack which circumvented both updates without fail.

This iteration works by refreshing the page after every character is typed in, which fools the warning system into thinking the full password was never entered in the first place.

Luckily for the rest of us, Moore is on the good guys side of this fight, and was more than willing to rub Google’s noses in its mistakes before widely publishing the details of his work so the whitehat community could provide a temporary fix to compensate.

If you ask us, Google probably needs to hit the whiteboard a little harder before they roll out crucial services like this, lest all our passwords end up in the hands of the enemy first.

Editors' Recommendations

Topics

Former Digital Trends Contributor

Self-proclaimed geek and nerd extraordinaire, Chris Stobing is a writer and blogger from the heart of Silicon Valley. Raised…

Computing

Best HP laptop deals: Get a 17-inch workhorse for $370 and more

An open HP Spectre x360 16 sits on a table, angled so that the screen and keyboard can be seen.

HP is one of the best laptop brands on the market, and if you're thinking of picking up a new laptop, then you may want to consider one of its many varieties of laptops. Not only that, but HP usually has some form of deal going on each of its sub-brans, so whether you're looking for an HP Omen gaming laptop or a Spectre X360 2-in-1 convertible, you'll likely find a good deal on it. Of course, it can be hard to navigate the dozens of different types of laptops HP has, which is why we've gone out and collected some of our favorite deals to help save you the trouble. That said, if you can't find quite what you're looking for below, be sure to check out these other great laptop deals and gaming laptop deals as well.
HP Laptop 15z -- $250, was $500

If you need a budget laptop for basic tasks, you can't go wrong with the HP Laptop 15z. With its AMD Athlon Silver 7120U processor, AMD Radeon Graphics, and 8GB of RAM, it's going to be a dependable device for doing online research and working with productivity apps. The laptop features a 128GB SSD with Windows 11 Home pre-loaded, and a relatively large 15.6-inch HD screen for its low price.

Computing

Some Intel CPUs are about to take a big performance hit, report says

Intel's 14900K CPU socketed in a motherboard.

High-end Intel CPUs are about to lose some significant performance, according to a new report from BenchLife (via VideoCardz). The outlet claims Intel has sent guidance to motherboard partners to implement the Intel Default Settings on Z790 motherboards, following a wave of reports of instability on recent high-end Intel CPUs.

According to the report, these default settings will enforce a PL2 of 188 watts. Intel maintains power limits (PL) for its processors. PL1 is the base power, or the power that the processor can sustain for long periods of time. PL2 is the maximum boost power, which the processor can hit for brief spurts when under a heavy load.

Computing

Best Buy laptop deals: Cheap laptops starting at $159

Apple M1 MacBook Air open on a desk with plants in the background.

If you’re looking for an affordable laptop, Best Buy is a great outlet to turn to. It carries some of the best laptops on the market, and often you’ll find many of the best laptop deals taking place at Best Buy. And while it’s a great place to land some savings on almost any device, including tablet deals, headphone deals, and smartwatch deals, the Best Buy laptop deals you can shop right now are worth taking a look at. Among them you’ll find many quality laptop options at some of the best prices we’ve seen, so read onward for more details. And if Best Buy doesn’t have what you’re looking for, you can check out some of the best Amazon deals and best Walmart deals, where you’ll also find a discounted laptop or two.
HP 14-inch laptop — $159, was $180

The HP 14-inch laptop is a fast and fun computing device. It's a great option for anyone searching the best laptops for high school students or the best laptops for college. It has an Intel Celeron processor and 4GB of system RAM that combine to push through homework assignments, work presentations, and hours upon hours of binge watching. The 14-inch screen sports HD resolution and makes this HP laptop a great way to enjoy movies, photos, and other digital content. The HP 14-inch laptop is able to reach up to 14 hours of battery life on a single charge, making it a great all-day option for people who like to do their work on the go.