September 05, 2008, 11:28 AM — Something that might have gone unnoticed from Google this week is the patching of a serious vulnerability that previously allowed an attacker to exploit a weakness in Google's Single Sign-On service used with Google Apps to take over a victim's Google account.
While the specific information about the vulnerability was not published until Google had patched the issue, it chains together simple concepts, so it is considered likely that it has already been discovered and used by others.
Single Sign On services, whether it is aborted ideas like Microsoft's PassPort, the current Open-ID, or any number of desktop-based integration tools, all have the same basic weakness. Because they are designed to allow access to varied authenticated resources through the use of a common authentication token of some form, then a compromise of the token allows for access to a much broader set of services and assets than the attacker would have had without the Single Sign On system.
Ultimately, use of Single Sign On technologies can be described as a pure security / usability trade-off. In order to gain the usability of not having to remember / provide unique authentication for a series of services, the security of having properly compartmentalized access to each service is forgone.
