Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Google Privacy Communications Security Your Rights Online

Google Warning Gmail Users On Spying From China 215

Trailrunner7 writes "Google is using automated warnings to alert users of its Gmail messaging service about widespread attempts to access personal mail accounts from Internet addresses in China. The warnings may indicate wholesale spying by the Chinese government a year after the Google Aurora attacks, or simply random attacks. Victims include one leading privacy activist. Warnings appeared when users logged onto Gmail, encountering a red banner reading, 'Your account was recently accessed from China,' and providing a list of IP addresses used to access the account. Users were then encouraged to change their password immediately. Based on Twitter posts, there doesn't seem to be any pattern to the accounts that were accessed, though one target is a prominent privacy rights activist in the UK who has spoken out against the Chinese government's censorship of its citizens. A Google spokesman declined to comment on the latest warnings specifically. The company has been issuing similar warnings since March, when it introduced features to identify suspicious account activity."
This discussion has been archived. No new comments can be posted.

Google Warning Gmail Users On Spying From China

Comments Filter:
  • I got this (Score:5, Informative)

    by kerashi ( 917149 ) on Saturday September 25, 2010 @05:51PM (#33699294)

    I got the warning about being accessed from China. Unfortunately, it came 2 days after I became aware of my gmail account and World of Warcraft account both being compromised. By that time I had already changed the password, and had Blizzard restore my stuff.

    • I don't know what happened, but I do remember when trying to paypal something, everything was Chinese. Luckly I was running Avast's VM service and everything reset when I closed my browser. It looks like it was redirecting my dns quirys. I also got hit with the gmail red banner too, but I suspect they were only able to access it because I was going though china using the cookie. Changed all my passwords in case though:P

      I picked up a Mikrotek router for cheap and now I am blocking all of China's IP range

    • Ditto. For me it was Steam. 10 games in all. Either Valve is aware of this particular problem right now or this is a typical response, but the response time, efficiency and, professionalism surprised me. I did make a good ticket first off I think, but I was giving it 50/50 success at best, with no response would not have shocked me. I am glad Valve was up with the play.
  • by joeflies ( 529536 ) on Saturday September 25, 2010 @05:52PM (#33699302)

    Let's see - I have never been in China and don't plan to go in the near future - maybe if Google added a feature that allows me to CONTROL what countries I can access it from, it could alleviate a lot of this problem.

    I'm sure those crafty hackers will find a way around it and divert through a US waypoint, but there's no need for my account to have broad access from countries I am never going to access it from.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      They'd just go through a US proxy... That's no help at all.

      • Going through a proxy (crowded, busy, high traffic, concentrated) makes hack attacks that much more difficult. From the defense standpoint, proxies may be known (lists of know proxies are widely available), detectable (reverse operations), or identifiable via patterns (large volumes of traffic or attack from a single or narrow IP band not otherwise known).

        You do highlight the point, however, that patterns of behavior are what are critical. You want to see who's coming in, from what IP ranges, whether or

      • They'd just go through a US proxy... That's no help at all.

        Do you still lock your car doors even though a window is easy to smash?

      • The proposed feature would be more useful if one could specify a list IP ranges (via subnet masking) from which login requests are permitted while silently blocking all of the rest. For example, all IPs not white listed in this manner should present the login screen, but fail silently with the "incorrect username or password" message, even if the correct username and password are used, so that attackers would receive no useful distinguishing information about the failed attempt. This feature would raise t
    • I'm sure those crafty hackers will find a way around it and divert through a US waypoint, but there's no need for my account to have broad access from countries I am never going to access it from.

      Please allow me to provide an alternative summary of your statement: Though it certainly wouldn't do any good, why not respond by stripping innocent people of freedoms they now have?

      What, sir, were you thinking when you wrote this?

      • If I turn on the option to hide AC posters, Slashdot is stripping my freedoms? Really? Or it's stripping their freedoms to throw their comments into my brain?

        I don't care if someone in China has the freedom to access my account, and I think your reading comprehension may have been on the fritz.

    • by Jah-Wren Ryel ( 80510 ) on Saturday September 25, 2010 @08:06PM (#33700138)

      Let's see - I have never been in China and don't plan to go in the near future - maybe if Google added a feature that allows me to CONTROL what countries I can access it from, it could alleviate a lot of this problem.

      I'd rather have out-of-band notifications of access - kinda like the way some banks do for their credit card accounts.
      For example - I'd like to get a text message everytime someone logs into my account and everytime some major change is made - like setting up an auto-forward or changing the password.

    • by houghi ( 78078 )

      It would indeed be great to know if the US was reading my mail or not and not only China.
      Down side is that the US read it by looking at traffic, not by hacking my account. (HI MOM)

  • by mykos ( 1627575 ) on Saturday September 25, 2010 @05:54PM (#33699322)
    Go ahead and comply with government demands, but tell the common people what the government is doing to them. I like it.
    • Actually, I think the article said China is hacking into users' accounts, not that Google is giving China access. They're just deploying a sort of end-user level Intrusion Detection System [wikipedia.org]. They're letting users know what the government (not necessarily their government) is doing, but they're not cooperating. It's definitely a step in the right direction, although it would also be nice to add some access control as well, such as "only access from this IP address", "deny access from IP addresses in these cou
  • I guess they're not very successful at it.
    • Re: (Score:2, Funny)

      by Rogerborg ( 306625 )
      He should get together with Julian "nobody but me deserves to have secrets" Assange, and together they could try to make two useful people, or failing that, a crate of Soylent Green.
    • by Sycraft-fu ( 314770 ) on Saturday September 25, 2010 @06:39PM (#33699618)

      Specifically you are confusing privacy and anonymity. Many geeks seem to think the right to privacy is the same as the right to remain anonymous and they aren't at all. The government has rules that there is a right to privacy implied in the Constitution, but they have never ruled there is a right to anonymity best that I know.

      So what's the difference? Privacy means being able to shield what you are doing from others, if you choose. I currently have complete privacy. I am alone, in my home. That means what I am doing is not something anyone can find out, unless I let them. My actions and thoughts are as private as I wish them to be. However I'm not anonymous. Anyone who did even cursory (and fully legal) surveillance could determine what house is mine and that I am presently at home. I am in no way anonymous in my actions, just private.

      The flipside of that would be a couple having sex in a park, wearing full face masks. They would have no privacy, but would have anonymity. There would be no doubt in anyone's mind what was going on if they looked over. However as to who was doing it, well that would be a mystery. The people doing it would be anonymous, but not private.

      Of course you can easily find other situations that you have both or neither.

      So as it applies to these activists that they are known doesn't mean they aren't successful at being private. They aren't anonymity activists, they are privacy activists. They advocate that you should be able to do things and not have the government (or others) spy on you. they are not advocating you should be unknown, a cipher to all.

  • A couple months ago, out of the blue. I changed my password of course
  • by srussia ( 884021 ) on Saturday September 25, 2010 @06:01PM (#33699372)
    I use a Chinese proxy server!
  • I was one such victim, but for me the hijacking occurred about two months ago. Lucky for me it wasn't used to send millions of malware-laden spam messages; only several dozen messages were sent (all in Chinese), and it didn't look like any attempt was made to filch information from my archives. Google did warn me at the time, and there have been no obvious consequences since I regained control of the account.

  • Hypocrites (Score:3, Insightful)

    by guspasho ( 941623 ) on Saturday September 25, 2010 @06:06PM (#33699400)

    I'm not worried about China, I'm worried about my own government spying on me with Google's cooperation.

  • by Darkman, Walkin Dude ( 707389 ) on Saturday September 25, 2010 @06:11PM (#33699430) Homepage
    Parsing your data for profit, et cetera...

    Or is that okay in free market halfassery?
  • Maybe because they added a lot of random targets to disguise the real target(s). I'd definitely do more than 100 distractions attacks per real attack just to confuse my opponents.
  • There's a really easy way google can mitigate a lot of these problems. They could cooperate a little bit with someone who wants to make a firefox plugin that would encrypt people's email.

    I know that goes against their business model, which lets them use people's emails to tailor search results and target ads. And it would probably piss off a number of governments. But in reality, almost no one would actually take the trouble to encrypt their mail, and it would allow people who really needed the privacy t

  • by Anonymous Coward

    I don't ever expect to use my Gmail from China.

    I very rarely use my Gmail from anywhere outside the US.

    I'd like to block ALL COUNTRIES from my Gmail, except the US. Then when I travel, I can add the country I am going to visit - for as long as I'm there.

    Ideally, this function could tie in to my World Mate app on the BlackBerry - it knows when I am out of the country or not.

    • Re: (Score:3, Interesting)

      by MarcoAtWork ( 28889 )

      not only all countries but my own, I would like to be able to whitelist to

      - my work IP
      - my home internet provider

      and that's it, if I travel I can always stop restrictions temporarily, but there should be no reason why any location but the two above should be able to access my email account on a regular basis.

      If Google wanted to make things simpler for users, you could also have the option to restrict by geolocation, given how good it is nowadays it should be trivial to say 'allow connections only from this

  • When those anti-government activists use easy-to-guess passwords like "FreeTibet" and "FalunGong4evah", of course their Google accounts are going to get hacked...

  • Pretty Good Privacy? (Score:3, Informative)

    by janwedekind ( 778872 ) on Saturday September 25, 2010 @06:52PM (#33699698) Homepage

    There are GPG plugins for most e-mail clients. E.g. there's Enigmail for Thunderbird. People just need to use them.

    • by CSMatt ( 1175471 )

      Yeah. Let me know when their use is simple enough for 95% of the populace to handle, and when Webmail access that is independent of the browser/computer they are using and isn't implemented at the ISP level is possible.

      It's not so simple and clean-cut as you make it sound. If it's an extreme hassle to remain secure and/or private then most people won't bother until it becomes easier. And even then you have to get them to care without sounding paranoid.

At work, the authority of a person is inversely proportional to the number of pens that person is carrying.