3 Replies Latest reply on May 10, 2017 2:47 PM by Anonymous

    Google accounts are almost open for corrupted governments: a security bug and its resolution

    Anonymous

      Whenever the password of an account is forgotten or hacked, there are different ways to recover/renew the password. One of these ways is using the mobile phone number. In this method, the owner of the account that has registered a mobile phone number in the account, receives a code/key by SMS. Using this code, the password can be changed, and a complete access to the account is provided. Nonetheless, such a key is not very secure. This is because of the access of the corrupted governments to the mobile network contents, specifically the SMS.

      In the link below you can find a PDF file which I have provided to describe this security bug in detail as a real and schematic process. The resolution to this bug is also mentioned.

      https://drive.google.com/file/d/0B8AqjYFfBKw0MGFRTWduQWhRanM/view?usp=sharing

      Unfortunately, I am not allowed to create an idea in the "feature ideas" section of the Google cloud connect. Please do not hesitate to share/discuss/follow this idea. Donations to a person sending an idea to Google from the middle east (Iran) is also well appreciated . In accord with our globalized world, it is not possible to transfer money to Iran!! You can transfer it to the VISA card number: 4283 3220 0186 6548 (card holder is not me, and is in Malaysia), or just send an email to me  kamal.hajian@gmail.com.