Don’t Do This, You Gave NIMW It’s Start

.jpg photo of graphic of Google+ announcement of closing
Google announced that it will shut down the consumer version of Google+ following the discovery of a bug that it opted to keep secret.

Google+ to shut down following bug that
exposed 500K profiles

Google yesterday announced that it will shut down the consumer version of Google+ following the discovery of a bug that it opted to keep secret.

In a blog post, the search giant framed the decision as one that makes sense given that very few people actively use Google+—”90 percent of Google+ user sessions are less than five seconds,” writes Ben Smith, a Google Fellow and VP of Engineering—and it doesn’t warrant the work required to keep tabs on developers.

But as the Wall Street Journal reports, the move comes after Google discovered a bug that left private user information open to developers in March, but declined to alert users for fear of regulatory scrutiny.

“A memo reviewed by the Journal prepared by Google’s legal and policy staff and shared with senior executives warned that disclosing the incident would likely trigger ‘immediate regulatory interest’ and invite comparisons to Facebook’s leak of user information to data firm Cambridge Analytica,” the Journal says.

Google CEO Sundar Pichai reportedly knew about the plan to forego notification.

In the blog post, Smith says Google discovered the bug in March as part of Project Strobe—”a root-and-branch review of third-party developer access to Google account and Android device data and of our philosophy around apps’ data access.”

The bug, according to Google, meant that third-party apps had access to “profile fields that were shared with the user, but not marked as public,” like name, email address, occupation, gender, and age. Google+ posts, messages, Google account data, phone numbers, or G Suite content were not accessible.

“We found no evidence that any developer was aware of this bug, or abusing the API, and we found no evidence that any Profile data was misused,” Smith says.

The bug, which Google patched in March, affected about 500,000 Google+ users. Was yours one of those accounts?  Sorry, there’s no way to tell.

“We made Google+ with privacy in mind and therefore keep this API’s log data for only two weeks,” according to Smith.  “That means we cannot confirm which users were impacted by this bug.”

According to Smith, the vulnerability didn’t rise to the level of requiring a notification.  “Every year, we send millions of notifications to users about privacy and security bugs and issues.  Whenever user data may have been affected, we go beyond our legal requirements and apply several criteria focused on our users in determining whether to provide notice,” he says.

It remains to be seen if regulators agree.  Uber kept a 2016 data breach secret, and that just resulted in a $148 million fine.

The Google+ shutdown, meanwhile, will occur over the next 10 months, so get your fill before August 2019.  If you use the service for work, though, Google+ is not going anywhere.

“Our review showed that Google+ is better suited as an enterprise product where co-workers can engage in internal discussions on a secure corporate social network,” Smith says.  “Enterprise customers can set common access rules, and use central controls, for their entire organization.  We’ve decided to focus on our enterprise efforts and will be launching new features purpose-built for businesses.  We will share more information in the coming days.”

As part of the announcement, Google also promised to give users “more fine-grained control over what account data they choose to share with each app.”  If an app wants access to a Calendar and Drive documents, for example, you can opt to share one but not the other.

Google will also “limit the apps that may seek permission to access your consumer Gmail data,” while Google Play will limit which apps that can ask for a user’s phone (including call logs) and SMS data.

5 thoughts on “Don’t Do This, You Gave NIMW It’s Start”

  1. Yep they are going to do this.
    (By the way it’s a heck of a story for me to finally be able to get one of your posts to load again. )
    But we got 10 months to go yet. Maybe they will change their mind but who knows. ?

    Liked by 1 person

    1. Keith, it is great to hear from you!
      I can’t imagine why our posts wouldn’t load, both our sites have been designed to be very responsive(device friendly).
      I am going to email you later, so we can talk about this there.
      Sincerely,
      Robert

      Like

    1. Anna Waldherr, Thank You so much for your input, and I apologize for taking so long to catch up on my comments.
      I really can’t just let you leave without enlightening you, and I just glanced at your blog, so I don’t mind saying that some of what I saw hurt, so after addressing your input, I just happen to have some numbers for you.
      Privacy has been an illusion for quiet some time apparently.
      Contrary to the “big excuse”, all this data loss isn’t because many trained security professionals failed to produce, failed to launch, or just flat became lazy.
      Ms Waldherr, you are the Attorney, so tell me where the lawsuits are.
      Over the last several years, more and more women and Children have just vanished.
      Several years back, facebook gave Obama terabytes of information on millions of people.
      It is said among Computer Security Professionals that Facebook also gave China a very large amount of data, most probably very near what Obama was given.
      Ms Waldherr, have you connected the dots yet?
      Cell-site simulators masquerade as legitimate cell-phone towers. The StingRay is an IMSI-catcher with both passive (digital analyzer) and active (cell-site simulator) capabilities.
      Facts & Stats
      When a Child says they have been molested, you better listen, it is unsubstantiated less than 2% off the time.
      When one of the Clergy is named and blamed, their testimony is destroyed immediately, these reports are unsubstantiated over 65% of the time.
      HHS states that all races abuse stats are very close, when a Child reports Sexual Abuse, at least 80% and possibly closer to 90% of the time, it is someone know to the child.
      HHS makes up BS stats to facilitate kidnapping Our Children, while at the same time, manufacturing false court documents.
      Burden of proof:
      The 80-90% stat is correct, with the exception of where 2 Races of Peoples are concerned:
      Native Alaskan and Native American, and also there is another difference:
      When a Child of these two races of peoples report CSA, the perp is known less than 30% of the time, HOWEVER, this stat pertains to Our Women And Children, which says one thing very plainly, it is the other races coming on our lands and molesting our Women and Children.
      With this said, how then are 39% of the Children in CPS/HHS custody Native American, when we are less than 1% of the population.
      * Women Abuse Children at over about 13% higher rate than Men.
      ** Everything gained for Families and Children since the early 1960s, when the SS Act was amended, is now moot point, and all gone with Our Law Makers and Justice Department taking away their equal rights at a normal life with taking every chance a Child has of retaining any Childhood innocence any length of time at all.
      Also, at this very moment Children are at the mercy of the evil whims of homosexual parents, and having felony Child Abuse inflicted upon them, this country has developed an #AntiChildAgenda.
      Sincerely,
      Robert

      Like

Fill it out, don't be a stranger forever.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.