Oops: Google Accidentally Tore Itself a Security Hole on April Fool's Day

By Kate Knibbs on at

April Fool’s Day comes but once a year, and that’s probably a good thing for Google. Everyone’s favourite search giant and proprietor of quirky holiday-related graphics accidentally broke its site security this April 1st.

This year, Google’s “prank” was turning its home page display around, so when you visited the homepage, everything looked backwards. But according to researchers at Netcraft, the joke was on Google— the prank home page didn’t have the usual security header in place to stop click-jacking attacks. Netcraft wrote about the cockup in a blog post.

This vulnerability would have allowed a remote attacker to change a user’s search settings, including turning off SafeSearch filters.

Netcraft told Google about the vulnerability, and it looks like everything got patched up before hackers figured it out. What a great ending to a tale of potential enormous security failure! Happy Friday!

[Ars Technica]

Image via Netcraft