TechCrunch.com reports on security problems with Google Docs that affect user privacy. This revelation comes soon after another Google Docs privacy problem, where some documents were shared without user knowledge. (For more on “cloud computing,” where user data is shared on remote servers accessible online, read an excellent recent reportÂ (pdf) from the World Privacy Forum, â€œPrivacy in the Clouds: Risks to Privacy and Confidentiality from Cloud Computing.â€) TechCrunch.com reports:Â
Security consultantÂ Ade BarkahÂ checked in with us to alert us to a couple of serious security issues associated to Google Docs, the web-based office software from the world’s most famous search engine company, giving a whole new meaning to itsÂ missionÂ to make the world’s information universally accessible. OnÂ his blogÂ on software, infrastructure and security, Barkah outlines no less than three issues that he discovered while investigating some potential security lapses.
Since he did the right thing by contacting Google about his findings (only to receive no response after five business days), we’re hoping that this article will help trigger the company’s engineering team to plug the holes asap. In case you missed it, earlier this month weÂ uncovered some major privacy blundersÂ going on with Google Docs, which the company later confirmed and fixed (we pinged them for this too).
So what’s up?
First, apparentlyÂ when you embed an image in a protected document it gets uploaded to a Google server where people you’ve not given access to the file can still see and download it, evenÂ afterÂ you’ve deleted the document in question. I’ve uploaded an image to a protected file in my account for testing, and deleted the document right after. If you see the image embedded on top of this post, or clickÂ this linkÂ to find you can still get to the image, that means the above checks out. […]
The third issue Barkah […] claims thatÂ if you take away the permission for another person to access your documents, they could in some cases still be able to get to them later without your knowledge.