Security Bites 110: Breaking Google Gadgets

This week's podcast guests are Robert Hansen and Tom Stracener, who plan to disclose a zero-day vulnerability in Google Gadgets at Black Hat next week.

From gadgets that slide-show pictures of vacations past to calendars that show events in the future, Google Gadgets look cool. But they also have the potential to contain vulnerabilities like anything else within Web 2.0.

By design, Google Gadgets allow scripted code to be uploaded by the end user, creating interesting new attack vectors for those with malicious intent.

CNET's Robert Vamosi talked with Robert Hansen (aka Rsnake), chief executive of SecTheory, and Tom Stracener (aka Strace) of Cenzic. Both will be presenting a talk called "Xploiting Google Gadgets: Gmalware and Beyond" at the annual Black Hat conference in Las Vegas next week.

During the talk, they plan to disclose a zero-day vulnerability in Google Gadgets that will make Gmalware (Gmodules-based malware) a significant threat.


Listen now: Download today's podcast

Featured Video
6
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

The new Moto 360 looks more like a watch than a smartwatch

CNET's Dan Graziano gives you a first look at the brand new Moto 360.

by Dan Graziano