Friday, April 23, 2010

What The Theft Of Google's Gaia Code Means To You

The New York Times recently reported that the attacks against Google late last year netted the source code to Google's single sign-on system, Gaia. The danger that the Times mentions and then dismisses, that the intruders would insert a back door into Gaia, truly is unlikely. The greater danger is that the exposed source code allows a much deeper analysis of potential flaws in it than an outside attacker could otherwise manage. If the multi-site single sign-on code does have flaws that can be leveraged, the very thing that makes Google's spreading multi-site single sign-on convenient, one login accepted by many sites, also makes it a major security hole.

The most interesting part of the article is how targeted the attacks were:

"the intruders seemed to have precise intelligence about the names of the Gaia software developers, and they first tried to access their work computers and then used a set of sophisticated techniques to gain access to the repositories where the source code for the program was stored."

The level of sophistication of the attacks, and the targeting of Google's source code, may point to a far more intelligent and dangerous attacker than we in the security industry are used to, even with the advanced persistent threats that are becoming more common.

The question: What comes next?
Unknown said...

I normally believe that important pieces of code should be reviewed in the public domain, but when a company has kept it obscured by secrecy, and has written code that you might fear isn't up to standard, then it is perhaps too brisk an awakening to meet professional thieves.

And, however wrong it might be conceived, it is not surprising that organized crime invests time and effort in Google's code base.

The scary part of this story is that the sorry state of software development hasn't improved.
