April Fool’s Day comes but once a year, and that’s probably a good thing for Google. Everyone’s favourite search giant and proprietor of quirky holiday-related graphics accidentally broke its site security this April 1.
This year, Google’s “prank” was turning its home page display around, so when you visited the homepage, everything looked backwards. But according to researchers at Netcraft, the joke was on Google — the prank home page didn’t have the usual security header in place to stop click-jacking attacks. Netcraft wrote about the fuckup in a blog post.
This vulnerability would have allowed a remote attacker to change a user’s search settings, including turning off SafeSearch filters.
Netcraft told Google about the vulnerability, and it looks like everything got patched up before hackers figured it out. What a great ending to a tale of potential enormous security failure! Happy Friday!