Google+ has a security vulnerability Or will be closed
Google’s eponymous social network, Google+,may be shut down due to a vulnerability that may allow malicious developers to collect data from hundreds of millions of Google users.
Google said in a blog post that the company discovered the vulnerability in March 2018 as part of Project Strobe. Project Strobe is comprised of 100 people and is responsible for a comprehensive review of third-party development tools that allow access to Google accounts and Android device data.
Google claims that the Google+ People API allows users to access personal data and friends data, which inadvertently allows third-party applications to remove personal data that is not marked as public, including name, email address, occupation, and gender.
Google said that up to 500,000 Google+ accounts were affected, and as many as 438 apps might use that API.
Ben Smith, vice president of engineering at Google, said in a statement that the company discovered the vulnerability in a wide-ranging privacy and security review of all products in March. An internal committee decided not to disclose the possibility of this vulnerability invading Google+ because no evidence of data abuse was found, including name, email address, age and occupation. He said that this vulnerability was fixed immediately at the time.
At 2:04 pm New York time, Google's parent company, Alphabet, fell 1.5% to $1,150.73, after falling to $1,135.40, the lowest intraday price since July 5.
Google+ has never been a social platform. Google said it will close Google+'s consumer features in the next 10 months, but it can still serve as a platform for internal employee communication.
评论
发表评论