Google email encryption key turned vulnerable as mathematician Zachary Harris breaks company's code
35-year-old American mathematician Zachary Harris of Jupiter, Florida, received a weird email from a Google recruiter and thought he was required to test websites safety. In fact he ended up decrypting the code of world’s most important search engine.
Harris believed he received a job test, writes Wired magazine. “You obviously have a passion for Linux and programming. I wanted to see if you are open to confidentially exploring opportunities with Google?”, the strange email read.
Harris was intrigued but skeptical, since the message arrived in mid-December, and the math guy did not think at all he would fit the required profile. So he wondered whether the email was a hoax.
He examined the information in the email code and noticed that the email was legitimate. Furthermore Google was using an DKIM (DomainKeys Identified Mail) encryption key that made sender’s authentication very vulnerable, which meant that everyone could be able to break the code and send e-mails on behalf of Google and even founders Sergey Brin and Larry Page. Therefore Zach decided to greet Google.
Hereafter is the detailed email sent by Zach Harris to Google bosses:
Hey Larry,
Here’s an interesting idea still being developed in its infancy:
http://www.everythingwiki.net/index.php/What_Zach_wants_regarding_wiki_technology
or, if the above gives you trouble try this instead:
http://everythingwiki.sytes.net/index.php/What_Zach_wants_regarding_wiki_technology.
I think we should look into whether Google could get involved with this guy in some way. What do you think?
-Sergey
Source: Wired.com
Math expert Zach Harris, 35, of Jupiter, Fl. managed to break Google's weak cryptographic key used to certify senders authenticity. Photo:Brynn Anderson/Wired
Sorry, the comment form is closed at this time.