Aug 212007

Rediff, Sharekhan, Indiatimes blown up!

General, Security Add comments

In india, they are household names. Surprisingly, these host loads of cross site scripting issues, which went unreported till date. Or, they might be classified as known issues. One of my friends from Grad School, tried to analyse these sites for the layers of security they expose, and results were simply mind blowing. He claims that within 15 minutes, you accounts on these sites can be brought down, and mails can be stolen. He has written more about this in his blog here.

Sharekhan is typically a financial website, so i am surprised that it is also vulnerable so easily. These are all set to loose the credibility.

Sudhir reports that indiatimes is the most easy target of all. This issue has been reported to these sites, but no response yet. There are people can create a havoc out of this.

ashish

Posted by ashish at 12:23 am
  • Sharekhan is typically a financial website, so i am surprised that it is also vulnerable so easily. These are all set to loose the credibility.
  • I have been using Sharekhan for some time now, it did seem so secured but after reading your post I am just so confused.
    Aspects like password change every 14 days, trading passwords for all transactions entered etc showed it to be secured.
    However, apart from the technical aspect they have measures where it is just impossible to withdraw money to a Bank account apart from what you have registered and any mail to the registered mail address.
blog comments powered by Disqus

Follow Me

What I'm Doing...

  • Just saw sania mirza speaking on TV. Couldn't understand her accent. even my American friend could not! 3 days ago
  • @amaragrawal echofon in reply to amaragrawal 6 days ago
  • http://angel.co/ for someone in dire need of money in order to survive the next great idea. 1 week ago
  • http://twitpic.com/2hz0u1 - Why does google analytics have access analytics button instead of standard google login? 1 week ago
  • Tringme launches direct voip calls over wifi on blackberry. Does not work on OS 5.0 and above. Major wifi enabled blackberry's sport this OS 1 week ago
  • Another day spent in front of world movies. 1 week ago
  • Currently watching the gems of journalism after a long time. lots of breaking news in one minute. 1 week ago
  • whoever invented and inverter deserves a huge applause. Couln't have slept last night without it. 1 week ago
  • Delhi feels like mumbai. Lightening, non stop rains since last few days, and now, the flood warning! I'm Lovinn' it 1 week ago
  • Commonwealth work has turned delhi into a tomkin village. Those who it once wud put it at best. Those who see it daily know the rest. 2 weeks ago
  • More updates...

Posting tweet...

Powered by Twitter Tools

Activity

Switch to our mobile site