The Unhackable Google!

The Unhackable Google!


Facebook, Twitter, and Microsoft (in no particular order) were recently attacked by hackers. This led to a number of questions being raised. How did they manage to get into the servers of such big corporations? Why did they want to do it? And most importantly: Is Google any safer than these websites? To find the answer, we must study the problem.

When any hacking attempt (successful or unsuccessful) happens, we get scared by hearing words like “accounts hacked” or “security compromised”. This makes us lose trust in the website. The recent spate of attacks has one common thread. Let’s find out what it is:


A quarter million accounts compromised in one go. Twitter was the first one to admit the hacking. It linked the hacking to a flaw in the Java program. The Homeland Security had already warned of such attacks.


Although the attacks happened a month before the Twitter attacks, Facebook acknowledged the breach only after Twitter admitted the attack. However, Facebook claimed that all user data was safe on its servers. But again, the breach was reported to have been due to a problem in Java.


Microsoft linked the attacks on its servers to the ones on Twitter and Facebook. That means a problem in Java was responsible for attacks on three of the world’s top establishments. Apart from these, Apple, Wall Street Journal, New York Times, and Washington Post were also targeted. The Homeland Security report points towards malicious software targeting individual computers.

Since Apple has been harmed even though Java is disabled in it, the disabling option seems not viable on other systems. Does that mean Google is vulnerable to hacking too? Can our beloved Chrome be a cause of worry for us? The answer lies in the methodology of the company.

The Chrome OS was built to be secure. A term “sandboxing” is pretty famous with those linked with Google. This feature disallows spreading of malicious links and malware. Many extensions are used in Chrome. Each extension can be a cause of hacking. However, here lies the interesting portion.

The principle of privilege separation is applied in Chrome. The extensions declare their intended privileges in the manifest. In case of a compromise, the attack is limited to the privilege assigned. This means a person hacking into your Gmail will not gain access into your bank account.

Achieving this requires extensions to be divided in to two pieces: background page & content scripts. While the background page is isolated from the web, the scripts can access it anytime. Both of these, however, are interlinked with each other.

So if you have a Google account or use any of its products, you do not need to worry much. Google has already done a lot to prevent hacking from outside sources. But, of course, it is our job to download material only from trusted links. Our alertness can prevent hackers from going deep into the website’s systems.

  • Chris

    You must be joking. Chrome is more insecure than any other browser. You are just looking at the wrong people as a threat. The real threat is Google. By using their browser and their tools and their search engine, they have your passwords and credit card info and anything you hold dear and personal. They know what websites you are visiting and so by using Chrome, you are actually giving up your security to Google and the government.

  • Jim

    Your are confusing privacy with security.

  • tiktik

    Also he forgot using Google’s DNS-servers and (if in… uh… I forget, was it Chicago?) using them as ISP :p

  • Chris

    No, you are confusing separating them into two categories. Privacy goes hand in hand with security.

  • IDontKnowAnything

    I think that may be Kansas City.

  • ibrahim

    Thx emily for ur info.

  • Emily

    Well it depends from whom you want to hide your data. I agree with you that the interference of Google is getting too much. To think about it, we might be focusing on the wrong threats, yes, but we all do rely on Google. Unsafe as it is, we don’t have many options. Firefox, yes, but we cannot stay away from Google. To think of it, if Google swipes some personal info, is there anything we’ll be able to do? But for now, focusing on the outside hackers, Chrome is a safe option

  • Chris

    The belief that there is nothing that can be done about using Google products is false. There are other search engines like Duck Duck Go which protect your privacy. There are other browsers, there are other email and online document programs like Zoho.

    People just need to stop being so lazy.

    To say Chrome is safe is to walk up to stranger and hand over all your personal info and say “I trust that you won’t steal anything from me” or “I trust you won’t tell anyone else, because you know everyone keeps a secret once they have heard it”.

  • Emily

    I’ve tried Duck duck go. But there are so many things that you can’t do without Google. I like the fact that Duck duck go doesn’t give you results based on geographic locations, but for people in online businesses (especially SEO), Google is everything. Why, even our readers find us mostly through Google.

  • Zoho IS google

    Zoho is owned by google and it is created by google.