The company said in a blog post that it was not aware that any outsider had discovered the bug or used it to gain improper access to user data, though in previous online security incidents, such discoveries sometimes lag by months or years after a computer bug has been initially reported. Google also introduced a "+1" button for third-party content, which acted in a similar way to Facebook's "Like" button.
The API was created to only keep logs for two week periods. Google explained that there was indeed a glitch that could allow developers to access private profile information, including a user's name, email address, occupation, gender, age, and profile photo. While found and patched in March 2018, it was not disclosed until today. "None of these thresholds were met in this instance", the company said.
According to Smith, "while our engineering teams have put a lot of effort and dedication into building Google+ over the years, it has not achieved broad consumer or developer adoption, and has seen limited user interaction with apps".
In its blog post announcing the Google+ shutdown, Google says it found the vulnerability as part of its Project Strobe review of third-party developer access to Google account and Android device data. In fact, usage is pretty minimal on the site, with "90 percent of Google + user sessions" being "less than five seconds".
"Our Privacy and Data Protection Office reviewed this issue, looking at the type of data involved, whether we could accurately identify the users to inform, whether there was any evidence of misuse, and whether there were any actions a developer or user could take in response". It also said that it would strengthen Android app permission requirements to give users more fine-grained control over their mobile phone data, and that it would make it harder for apps to access sensitive information, like SMS messages and call records.
But the decision to shut down Google+ seems largely due to a previously undisclosed security breach that exposed users' profile data.
Those metrics will likely come as little surprise to anybody familiar with Google+. As a result, not all of Google+ will be killed off. While Google+ will no longer be a consumer product, new features will be coming soon to turn it into an enterprise-focused platform. The consumer Gmail API, meanwhile, will be subject to tougher new rules, and limits around what can be connected. Rather than seeing all requested permissions on a single screen, you'll soon go through each permission individually to allow to deny.
Google wants to complete the sunsetting process for the consumer version of Google+ by August 2019. Google says that "only apps directly enhancing email functionality-such as email clients, email backup services and productivity services", will be given authorization.
- David Price's playoff woes continue as Yankees even ALDS with Red Sox
- Palestinians hand out sweets to celebrate murder of Israelis
- Your Facebook account is NOT being cloned, it's all a hoax
- N Korea 'ready' to let inspectors into missile sites
- Zinedine Zidane's Agent Issues Update On Whether He Will Manage Manchester United
- Tracking Michael | Spaghetti models, forecast cone and satellite
- Barbara Bush marries Craig Coyne in ME wedding
- 'A profoundly heart-breaking day': Celebration and anger for Brett Kavanaugh confirmation
- Rock that was used as a doorstop a meteorite worth $100000
- Scott Wilson, ‘In Cold Blood’ and ‘Walking Dead’ actor, dies