Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 16 submissions in the queue.
posted by takyon on Wednesday December 12 2018, @03:56PM   Printer-friendly
from the social-servers dept.

Submitted via IRC for SoyCow1984

Google+ bug exposes non-public profile data for 52 million users

Two months after disclosing an error that exposed the private profile data of almost 500,000 Google+ users, Google on Monday revealed a new leak that affects more than 52 million people. The programming interface bug allowed developers to access names, ages, email addresses, occupations, and a wealth of other personal details even when they were set to be nonpublic.

The bug was introduced in a release that went live at an undisclosed date in November and was fixed a week later, Google officials said in a blog post. During the time the bug was active, developers of apps that requested permission to view profile information that a user had added to their Google+ profile received permission to view profile information about that user even when the details were set to not-public. What's more, apps with access to users' Google+ profile data had permission to access non-public profile data that other Google+ users shared with the consenting user. In all, the post said, 52.5 million users are affected.


Original Submission

Related Stories

Internet Archive Moving to Preserve Google+ Posts before April Shutdown 8 comments

The Internet Archive is working to preserve public Google+ posts before it shuts down

Google is set to begin deleting data from its beleaguered social network, Google+ in April, but before that happens, the Internet Archive and the ArchiveTeam say that they are working to preserve public posts on the platform before they vanish forever.

In a post on Reddit, the sites announced that they had begun their efforts to archive the posts using scripts to capture and back up the data in an effort to preserve it. The teams say that their efforts will only encompass posts that are currently available to the public: they won't be able to back up posts that are marked private or deleted. They also urge people who don't want their content to be archived to delete their accounts, and pointed to a procedure to request the removal of specific content. They also note that they won't be able to capture everything: comment threads have a limit of 500 comments, "but only presents a subset of these as static HTML. It's not clear that long discussion threads will be preserved." They also say that images and video won't be preserved at full resolution.

Related: Google+ Shut Down After Data Breach and Cover-Up are Exposed
Senators Demand Answers About Google+ Breach; Project Dragonfly Undermines Google's Neutrality
Google+ Bug Exposes Non-Public Profile Data for 52 Million Users
Death of Google+ Causing Angst


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 3, Funny) by ikanreed on Wednesday December 12 2018, @04:19PM (5 children)

    by ikanreed (3164) on Wednesday December 12 2018, @04:19PM (#773495) Journal

    What is a "google+ user"?

    • (Score: 3, Informative) by BsAtHome on Wednesday December 12 2018, @04:25PM

      by BsAtHome (889) on Wednesday December 12 2018, @04:25PM (#773499)

      That is bleeding edge technology, made by the chocolate factory, that collects more private data ripe for abuse. Apparently, they forgot to ask for payment while anybody could suck the database clean. That was an oversight. This will be rectified shortly. The near future access to all data will only be provided when the correctly measured monetary transfers are verified and routed through the proper tax-free circuit.

    • (Score: 0) by Anonymous Coward on Wednesday December 12 2018, @04:27PM (3 children)

      by Anonymous Coward on Wednesday December 12 2018, @04:27PM (#773500)

      "Touché" [google.com]

      • (Score: 0) by Anonymous Coward on Wednesday December 12 2018, @04:46PM

        by Anonymous Coward on Wednesday December 12 2018, @04:46PM (#773511)

        Clicked the link hoping for pictures of his wife nekkid. Alas, only pictures of naked penguins, naked fish, and naked octopussy. At least we know Linus' fetishes now.

      • (Score: 2) by ikanreed on Wednesday December 12 2018, @04:51PM (1 child)

        by ikanreed (3164) on Wednesday December 12 2018, @04:51PM (#773515) Journal

        You're not supposed to put how you want people to mod your post in your post. That's unfair. +5 insightful, informative.

        • (Score: 0) by Anonymous Coward on Wednesday December 12 2018, @05:28PM

          by Anonymous Coward on Wednesday December 12 2018, @05:28PM (#773541)

          Just because you shouldn't doesn't mean you can't.

  • (Score: 2) by Snow on Wednesday December 12 2018, @04:24PM (4 children)

    by Snow (1601) on Wednesday December 12 2018, @04:24PM (#773498) Journal

    There's 52 million Google+ users? Wow, colour me surprised.

    • (Score: 0) by Anonymous Coward on Wednesday December 12 2018, @04:36PM

      by Anonymous Coward on Wednesday December 12 2018, @04:36PM (#773505)

      not likely active users. more like all accounts on the current roles.

    • (Score: 2) by rigrig on Wednesday December 12 2018, @04:37PM (2 children)

      by rigrig (5129) Subscriber Badge <soylentnews@tubul.net> on Wednesday December 12 2018, @04:37PM (#773506) Homepage

      Why? When they wanted it to take off just about every Google service came with a bunch of "You probably want to make a Google+ account to do <whatever you are doing>, click here to sign up" buttons.

      --
      No one remembers the singer.
      • (Score: 2) by iamjacksusername on Wednesday December 12 2018, @05:56PM

        by iamjacksusername (1479) on Wednesday December 12 2018, @05:56PM (#773559)

        I had to make a Google+ account for something... In any case, it is associated with a gmail account that I have had forever. That's what I am mad about. I expect to see an uptick in phishing email sent from authenticated sources for the next few months.

      • (Score: 2) by captain normal on Wednesday December 12 2018, @06:00PM

        by captain normal (2205) on Wednesday December 12 2018, @06:00PM (#773566)

        Not only that, they pretty much force fed it to anyone with a g-mail account. Did the same with "Hang Outs".

        --
        When life isn't going right, go left.
  • (Score: 4, Insightful) by ilsa on Wednesday December 12 2018, @04:42PM (3 children)

    by ilsa (6082) Subscriber Badge on Wednesday December 12 2018, @04:42PM (#773508)

    When are these companies going to start being held accountable for these fuck ups? If they want to hover in data like there is no tomorrow, they should be responsible for it. If they are unwilling to be responsible, they should not be allowed to carry on.

    • (Score: 2, Insightful) by Anonymous Coward on Wednesday December 12 2018, @06:06PM (2 children)

      by Anonymous Coward on Wednesday December 12 2018, @06:06PM (#773570)

      You want guarantees? Sign a goddamn contract.

      Otherwise, caveat emptor.

      If you're embarrassed by your poorly shaped body, quit walking around naked on your front porch.

      • (Score: 5, Funny) by maxwell demon on Wednesday December 12 2018, @08:26PM

        by maxwell demon (1608) on Wednesday December 12 2018, @08:26PM (#773651) Journal

        You think if you stop walking, your body shape gets better? :-)

        --
        The Tao of math: The numbers you can count are not the real numbers.
      • (Score: 2) by ilsa on Thursday December 13 2018, @08:07PM

        by ilsa (6082) Subscriber Badge on Thursday December 13 2018, @08:07PM (#774110)

        Typical Anonymous Cower talking out of their ass.

        I have zero control of the data that Google hoovers in. Google does not give you the option to sign such a contract with them. If I had a lawyer write up such a contract, would _Google_ sign it? No, they wouldn't.

        So what are my options then, dumbass? Sue a multi billion dollar company that has more lawyers than I have cells in my body?

  • (Score: 0) by Anonymous Coward on Wednesday December 12 2018, @07:50PM

    by Anonymous Coward on Wednesday December 12 2018, @07:50PM (#773630)

    After the generously donation of G+, by Goole, to Apache software foundation.

  • (Score: 0) by Anonymous Coward on Thursday December 13 2018, @02:13AM

    by Anonymous Coward on Thursday December 13 2018, @02:13AM (#773842)

    Google users' data being stolen is like a thief getting robbed. Google coerced the data out of unfortunate users. Should never have given it to (((them))).

  • (Score: 2) by rob_on_earth on Thursday December 13 2018, @10:39AM

    by rob_on_earth (5485) on Thursday December 13 2018, @10:39AM (#773938) Homepage

    That would explain the amount of spam I have been getting the last few days on an email address I created for the sole purpose of activating a android phone 5 years ago.

    I cannot believe I would have willingly signed up to Google+ even on the phone.

(1)