Google+ breach exposes user data - Google plans to shut it down

Free · Oct 8, 2018

Google+ shutting down after data leak affecting 500,000 users

Google exposed the personal information of hundreds of thousands of users of its Google+ social network, the company announced in a blog post this morning. The news, originally reported by The Wall Street Journal ahead of Google’s announcement, means that Google+ profile information like name, email address, occupation, gender, and age were exposed, even when that data was listed as private and not public. However, Google says that it has no evidence to suggest any third-party developers were aware of the bug or abused it. The bug, affecting an API that was accessed by hundreds of developers, appears to have been active between 2015 and 2018.

The company says it closed the bug in March 2018 shortly after learning of its existence. The WSJ reports that the company chose not to report it because of fear of “immediate regulatory interest” that would lump Google in with Facebook, according to one source’s description of the incident.

Apparently that old motto of theirs was actually "Do No Medieval."

The blog post: Project Strobe: Protecting your data, improving our third-party APIs, and sunsetting consumer Google+

GoblinCampFollower · Oct 8, 2018

Free said:
Apparently that old motto of theirs was actually "Do No Medieval."

The other half of their motto was "It's only bad if you get caught."

Robert Jung · Oct 8, 2018

Is there going to be a way to see which accounts were compromised?

Free · Oct 8, 2018

Robert Jung said:
Is there going to be a way to see which accounts were compromised?

Doubtful.

Argent Stonecutter · Oct 8, 2018

There was nothing in either article saying any accounts had been compromised.

Dakota Tebaldi · Oct 8, 2018

Free said:
The WSJ reports that the company chose not to report it because of fear of “immediate regulatory interest” that would lump Google in with Facebook, according to one source’s description of the incident.

Which, well, it kinda SHOULD have been...

Free · Oct 9, 2018

Argent Stonecutter said:
There was nothing in either article saying any accounts had been compromised.

A system that unintentionally provides public access to data when it's not meant to is a compromised system. Whether or not anyone ever accessed that data. Google also stated that they "found no evidence that any developer was aware of this bug, or abusing the API, and we found no evidence that any Profile data was misused. " That's great, but not a guarantee that no such thing happened, especially considering this bit from their blog post:

We made Google+ with privacy in mind and therefore keep this API’s log data for only two weeks. That means we cannot confirm which users were impacted by this bug. However, we ran a detailed analysis over the two weeks prior to patching the bug, and from that analysis, the Profiles of up to 500,000 Google+ accounts were potentially affected. Our analysis showed that up to 438 applications may have used this API.

Free · Dec 10, 2018

A bigger oops this time.

Google+ bug exposes non-public profile data for 52 million users

Two months after disclosing an error that exposed the private profile data of almost 500,000 Google+ users, Google on Monday revealed a new leak that affects more than 52 million people. The programming interface bug allowed developers to access names, ages, email addresses, occupations, and a wealth of other personal details even when they were set to be nonpublic.

The bug was introduced in a release that went live at an undisclosed date in November and was fixed a week later, Google officials said in a blog post. During the time the bug was active, developers of apps that requested permission to view profile information that a user had added to their Google+ profile received permission to view profile information about that user even when the details were set to not-public. What’s more, apps with access to users’ Google+ profile data had permission to access non-public profile data that other Google+ users shared with the consenting user. In all, the post said, 52.5 million users are affected.

Essence Lumin · Dec 10, 2018

Google+ seemed like some useless exercise to me. I think it was supposed to be competition to facebook but offering nothing that would make people want to switch. One particular if small annoyance to me was an effect on the regular google search. It used to be you could type +someword and someword would be required to be in the results. but because google+ user names began with a + they changed that. So now if I want a word required, it has to be enclosed in double quotes. That has a different meaning to the search engine than two or more words being enclosed in double quotes which means to look for that phrase.

Jopsy Pendragon · Dec 11, 2018

Took a big step away from g+ after that "real name or GTFO" policy fiasco. Kept a stub account but it never got used for anything except some local ingress faction stuff.

Argent Stonecutter · Dec 11, 2018

Free said:
A bigger oops this time.

Since they actually know they discovered it before it was used, not so much.

Essence Lumin said:
Google+ seemed like some useless exercise to me. I think it was supposed to be competition to facebook but offering nothing that would make people want to switch.

Google Plus is basically "Facebook, but it doesn't suck". Which is hardly useless, given how much Bookface sucks.

On top of which, their biggest mistake was copying some facebook suckiness. Speaking of which...

Jopsy Pendragon said:
Took a big step away from g+ after that "real name or GTFO" policy fiasco.

Which was basically a *less fascist* version of Facebook's policy, which they backed out of, and which they apologized for. Facebook is still actively outing people. BUT NOBODY FUCKING CARES.

Seriously, you people, why don't you fucking care that Facebook's normal policy is far worse then Google's mistake, and they're not apologizing, or backing off, they're doubling down regularly.

I see people on Facebook who left Google Plus because Google Plus didn't accept their pseudonym, but they're apparently OK with Facebook despite not being able to use their pseudonym there. WHYYYYY?

Fauve Aeon · Dec 11, 2018

Jopsy Pendragon said:
Took a big step away from g+ after that "real name or GTFO" policy fiasco. Kept a stub account but it never got used for anything except some local ingress faction stuff.

Funny about that and by funny I mean weird and inconsistent because Fauve is still chugging along there with her blatantly 'I'm an avatar' nonsensical and decidedly not 'real' stuff and I've never heard a peep of challenge about it. I've always found that odd.

Ashiri · Dec 11, 2018

Argent Stonecutter said:
I see people on Facebook who left Google Plus because Google Plus didn't accept their pseudonym, but they're apparently OK with Facebook despite not being able to use their pseudonym there. WHYYYYY?

Blinkers. It's a common human reaction to overlook the sins of one group while condemning the same sins of another.

Argent Stonecutter · Dec 11, 2018

Fauve Aeon said:
Funny about that and by funny I mean weird and inconsistent because Fauve is still chugging along there with her blatantly 'I'm an avatar' nonsensical and decidedly not 'real' stuff and I've never heard a peep of challenge about it. I've always found that odd.

Facebook apparently outsources their investigations to various 4chan stormtrooper types who go hunt down people using pseudonyms and report them. So if the chans haven't noticed you yet...

Fauve Aeon · Dec 11, 2018

Argent Stonecutter said:
Facebook apparently outsources their investigations to various 4chan stormtrooper types who go hunt down people using pseudonyms and report them. So if the chans haven't noticed you yet...

Well, I don’t go there except to silently skim/monitor one topic as a bellwether for potential gathering drama problems, and I do not post in places like that. So that makes sense

Free · Dec 11, 2018

Argent Stonecutter said:
Since they actually know they discovered it before it was used, not so much.

Um, sure, whatever.

Argent Stonecutter said:
Seriously, you people, why don't you fucking care that Facebook's normal policy is far worse then Google's mistake, and they're not apologizing, or backing off, they're doubling down regularly.

I'm sorry, are you the one on this board that started the Facebook Hatred thread?

Perhaps you too should put your personal biases in check.

Argent Stonecutter · Dec 12, 2018

Free said:
I'm sorry, are you the one on this board that started the Facebook Hatred thread?

(peers closer)

You don't *look* like Jopsy.

Free · Dec 12, 2018

Argent Stonecutter said:
You don't *look* like Jopsy.

Argent Stonecutter · Dec 12, 2018

So you trolled me? OK.

Jopsy Pendragon · Dec 12, 2018

Argent Stonecutter said:
Which was basically a *less fascist* version of Facebook's policy, which they backed out of, and which they apologized for. Facebook is still actively outing people. BUT NOBODY FUCKING CARES.

Seriously, you people, why don't you fucking care that Facebook's normal policy is far worse then Google's mistake, and they're not apologizing, or backing off, they're doubling down regularly.

I see people on Facebook who left Google Plus because Google Plus didn't accept their pseudonym, but they're apparently OK with Facebook despite not being able to use their pseudonym there. WHYYYYY?

I'm still on both, not that it matters with as little as I use either.

The difference, to me, was that if G+ didn't like the name I was using... they could SHUT DOWN MY GMAIL ACCOUNT! Totally unacceptable risk.

FB? Meh. I'd lose facebook access... whoop-de-doo.

Google+ breach exposes user data - Google plans to shut it down

*censored*

Well-known member

Well-known member

*censored*

Emergency Mustelid Hologram

Well-known member

*censored*

*censored*

*

fuck the ballroom

Emergency Mustelid Hologram

🌽🐍Mostly Jellicle...🐍🌽

√(-1)

Emergency Mustelid Hologram

🌽🐍Mostly Jellicle...🐍🌽

*censored*

Emergency Mustelid Hologram

*censored*

Emergency Mustelid Hologram

fuck the ballroom

censored

censored

censored

censored

censored

censored