Η Google ανακάλυψε ένα νέο σφάλμα στο API του Google+. Σύμφωνα με την ανακοίνωση της εταιρείας φαίνεται να επηρεάστηκαν προσωπικές πληροφορίες από 52,5 εκατομμύρια χρήστες μετά την αποκάλυψη του σφάλματος που ανακοινώθηκε in October of 2018.
What had happened:
The company said in October that the bug was found in the Google+ People API. By default, Google+ users could give third-party apps access to their profile data. As with the Facebook and Twitter, Google+ users could allow third-party apps to obtain information from the public profile of the user's friends.
However, in a post on the company's blog, Ben Smith, Google Fellow and Vice President of Engineering, stated that the bug allowed third-party applications to access user data that was classified as private and not just public data that was allowed to Applications "see".
Google said at the time that it could not determine exactly which users were affected by the error and reported around 500.000 accounts, so today the company said:
We have confirmed that the bug was approximately 52.5 million users in connection with a Google+ API.
"Με την ανακάλυψη αυτού του νέου σφάλματος, αποφασίσαμε να επισπεύσουμε το κλείσιμο όλων των API του Google+, κάτι που θα συμβεί μέσα στις επόμενες 90 ημέρες", δήλωσε ο David Thacker, Αντιπρόεδρος του G Suite Product Management.
Read the new announcement of the company.
"Επιπλέον, αποφασίσαμε να επιταχύνουμε τη λήξη του consumer Google+ από τον Αύγουστο του 2019 τον Απρίλιο του 2019."
Google discovered the error in the Google+ People API during the standard testing process that started a week after the problem was discovered.
According to the company, there is no breach in its systems and no indication was found that a developer was aware of the error or the API was abused.
However with this API, applications that requested permission for the projection πληροφοριών του προφίλ, είχαν πρόσβαση στο name, the user's email address, occupation, and age, even if he did not allow them to be publicly displayed.
Applications that had access to that data were also able to view personal data that was privately shared by other Google+ users.
According to the company, no password, financial data, IDs or other similar sensitive data were leaked.
"Έχουμε ξεκινήσει τη διαδικασία ειδοποίησης των καταναλωτών και των εταιρικών πελατών που επηρεάστηκαν από αυτό το σφάλμα. Η έρευνά μας συνεχίζεται και προς άλλες πιθανές επιπτώσεις των API του Google+."
______________________
- Acronis Ransomware Protection for free and with absolute security
- Google Leaked research entitled Good censorship
- Windows 10 KB4469342 fixes almost everything