Google+ is shutting down after several years of a failed effort to rival Facebook. However, it is not officially closing down due to failed competition. It is ending services because a vulnerability exposed half a million users’ data. Specifically, the issue lies in the Google+ People API, which had a flaw that exposed usernames, email addresses, gender, DOB, etc. to third party developers. These things are not infrequent. However, one has to wonder if this happened to Facebook, the result wouldn’t be so disastrous. This was likely just the nail in the coffin for Google+. Only 438 developers could have had access to this vulnerability and there apparently is no evidence that any one of them were even aware of this.
https://thehackernews.com/2018/10/google-plus-shutdown.html
Xinteng Chen says
Hi Connor
Thanks for sharing the information. According to the article, Google+ allows the third-party developers to access data for more than 500,000 users, including their usernames, email addresses, occupation, date of birth, profile photos, and gender-related information. All of the information are personal information. If the developer use the information for bad purposes, users will face loses in this incident. It reminds users to pay attention to grant permissions when a third party app asks for.
Nishit Darade says
Hi Connor,
Google+ was late to the social media game and Facebook had already consumed the market. I believe the reports where it states developers were not aware of this vulnerability but due to its unpopularity and low user base this was the final push Google needed to shut it down.
Haitao Huang says
The nature of the flaw seems to be something very similar to the Facebook API flaw that recently allowed unauthorized developers to access private data from 50 million Facebook users. Simply shutting down the Google+ is not an effective choice for the company’s security management. The vulnerability was open since 2015 and fixed after Google discovered it in March 2018, but the company chose not to disclose the breach to the public. Facebook should take such issues seriously and make effective improvements in its security controls.
Sev Shirozian says
Some people are saying that google is using this as an excuse to shutdown google + since it’s didn’t really live up to the expectations they had for it. It was a far cry last place social media site that wasn’t able to compete with Facebook or other social media giants. Either way, if the vulnerability is that bad, I’m glad to see it shutdown!