How a Google Headhunter’s E-Mail Unraveled a Massive Net Security Hole

Mathematician Zach Harris, 35, of Jupiter, Fl., poses for a portrait on Tuesday. Photo: Brynn Anderson/Wired

It was a strange e-mail, coming from a job recruiter at Google, asking Zachary Harris if he was interested in a position as a site-reliability engineer.

“You obviously have a passion for Linux and programming,” the e-mail from the Google recruiter read. “I wanted to see if you are open to confidentially exploring opportunities with Google?”

Harris was intrigued, but skeptical. The e-mail had come to him last December completely out of the blue, and as a mathematician, he didn’t seem the likeliest candidate for the job Google was pitching.

So he wondered if the e-mail might have been spoofed – something sent from a scammer to appear to come from the search giant. But when Harris examined the e-mail’s header information, it all seemed legitimate.

Then he noticed something strange. Google was using a weak cryptographic key to certify to recipients that its correspondence came from a legitimate Google corporate domain. Anyone who cracked the key could use it to impersonate an e-mail sender from Google, including Google founders Sergey Brin and Larry Page.

The problem lay with the DKIM key (DomainKeys Identified Mail) Google used for its google.com e-mails. DKIM involves a cryptographic key that domains use to sign e-mail originating from them – or passing through them – to validate to a recipient that the domain in the header information on an e-mail is correct and that the correspondence indeed came from the stated domain. When e-mail arrives at its destination, the receiving server can look up the public key through the sender’s DNS records and verify the validity of the signature.

For security reasons, the DKIM standard calls for using keys that are at least 1,024 bits in length. But Google was using a 512-bit key – which could be easily cracked with a little cloud-computing help.

Harris thought there was no way Google would be so careless, so he concluded it must be a sly recruiting test to see if job applicants would spot the vulnerability. Perhaps the recruiter was in on the game; or perhaps it was set up by Google’s tech team behind the scenes, with recruiters as unwitting accomplices.

Harris wasn’t interested in the job at Google, but he decided to crack the key and send an e-mail to Google founders Brin and Page, as each other, just to show them that he was onto their game.

“I love factoring numbers,” Harris says. “So I thought this was fun. I really wanted to solve their puzzle and prove I could do it.”

In the e-mail, he plugged his personal website:

Hey Larry,

Here’s an interesting idea still being developed in its infancy:

http://www.everythingwiki.net/index.php/What_Zach_wants_regarding_wiki_technology

or, if the above gives you trouble try this instead:

http://everythingwiki.sytes.net/index.php/What_Zach_wants_regarding_wiki_technology.

I think we should look into whether Google could get involved with this guy in some way. What do you think?

-Sergey

Harris made sure the return path for the e-mails went to his own e-mail account, so that Brin and Page could ask him how he’d cracked their puzzle. But Harris never got a response from the Google founders. Instead, two days later, he noticed that Google’s cryptographic key had suddenly changed to 2,048 bits. And he got a lot of sudden hits to his web site from Google IP addresses.

Oops, Harris thought, it was a real vulnerability he’d found.