Ok so my gmail account got comprimized (Meh not to big of a deal i didnt really use it much anyway), now i have no idea how it did i have a 35+ charachter password and gmail is https so no packet sniffing(Right?)

I haven't really used my gmail account in 3+ months because i dont care for email however i just signed up for a beta of a game then decided to reinstall pidgin which i used my password in then tryed to sign into gmail and i got the "your password doesnt match error" so i tried the security question and the question was "machine number" except spelt in russian i did a google translate, btw i always make my security questions random text and hope i dont forget my pw....

So the places ive used my password that could be compromized, my moms laptops (they run windows lol) and pidgin since it stores passwords in plain text and sends them across the net in plain text.........

I think i should reinstall ubuntu on my main machine since its the only one i ever will use gmail on again (just to be safe) is it possible for a man in the middle attack? Im worried that my families email bank accounts etc could be in trouble.

My network setup is pretty good, im using ubuntu so rare chance of malicious sofware, i have a strong wifi password like more than 40 random characters, i do have like 3 boxes sitting running folding at home so i dont know where when or how my gmail got comprimized and that's what is worrying me! :X



edit: I will check back on this post in the morning its 2 am now so sleepy time, if i could reply to posts in my sleep i would trust me ;)

Moved to Security.

I'm no expert, sorry I will not be able to help you much (others will).

At the bottom of the gmail page, there is a link where you can check the IPs that accessed your account (see screenshot).

Using different passwords for different applications is a good idea. If accessing an account from a "public" computer, ask the browser not to remember the password.

My guess would be a keylogger or something on that Windows laptop. When my gmail account (together with a few other accounts) was compromised I changed to linux and now I never log to my mail or anything from someone else's computer.

yea i should do a scan of those laptops.

is it possible for a root kit to function while running linux even if its a windoze root kit because a few of my computers that run linux which are folding at home are computers which i got for free so is it even possible for them to have a root kit that packet sniffs?

A Windows rooot kit cannot possibly infect a Linux OS.

I have been reading about BIOS rootkits recently though. In theory they might be able to, but as far as I know they are only lab experiments so far.

It is advised to use a descriptive topic title, that means a topic title that gives some clue about the content in the thread itself...

A generic topic title like "noob here" or "need help" does not help at all. As you may have noticed, just about everyone posting in here has some kind of a problem or issue or question ;)

And it is also adviced to use seperate threads for unrelated problems so that you can mark each one individually as solved.

Or in short terms: Help others to help you ;)

See the forums policy, especially section II.2: http://ubuntuforums.org/index.php?page=policy

Also, when you are asked to post output from (config) files or from a command, use brackets around (each) output. That makes it also easier to read.