Google asks journalists to tone down story of "massive" Google Play security flaw

13468913

Comments

  • Reply 101 of 257


    Again, searched for the story in news.google.com. The search returns just two stories (one of them this), and it provides a link to "all 68 news sources."


     


    But clicking on the link reveals just the same two stories!


     


    What happened to the other 66?


     


    Google says, however, that the 'selection and placement' were all left to a 'computer', so I am sure they're not to blame!image

  • Reply 102 of 257


    Originally Posted by bleh1234 View Post


    Collection and Use of Personal Information


    You may be asked to provide your personal information anytime you are in contact with Apple or anApple affiliated company.


    Collection and Use of Non-Personal Information


    We also collect non-personal information ? data in a form that does not permit direct association with any specific individual. We may collect, use, transfer, and disclose non-personal information for any purpose.


    Disclosure to Third Parties


    Personal information will only be shared by Apple to provide or improve our products, services and advertising; it will not be shared with third parties for their marketing purposes



     


    And somehow you want to spin this as Apple being as bad (or worse) than Google?



    ENJOY! image





    Originally Posted by Steven N. View Post

    Then why are there over 1000 hello world apps in the Google Play Store? About 4000 if you go to other languages.



    Are you saying Google audited these apps?


     


    What's even scarier is that a good portion of these could very well just be designed explicitly to be information stealers.





    Originally Posted by LordJohnWhorfin View Post

    Class action in 3, 2, 1...


     


    Nope.


     


    "Breaking: Apple hacked, RSA-4096 encrypted file containing user information taken"


    "Breaking: Apple sued for purposely allowing personal data to be viewed by hackers"


     


    There's your class action. image

  • Reply 103 of 257
    tbelltbell Posts: 3,146member
    davidn1 wrote: »
    I'm really surprised by this article and the comments here.  I think the issue here is that Google Play store works differently than the Apple store.  When you buy an app in the Play store, it actually says "Pay to:" the app developer.  It uses Google Checkout/Wallet, which has a privacy policy that explicitly says it will share this information with the merchant.

    Has no one here used Amazon Marketplace?  Where's the article and outrage about Amazon doing exactly the same thing there?  I think Google's explanation here is entirely satisfactory to me: I'm not buying from Google, I'm buying from the app developer, so of course the developer knows who I am.  Just because their store works differently doesn't mean there's a "massive oversight".  I get that some people are surprised by this, because lots of people are just used to the way Apple's store works, but that doesn't mean Google's approach is a flaw, "criminal" as other commenters have suggested, or is something that even needs to be fixed.

    I wonder how many people are upset about Google sharing this information, but wouldn't think twice about installing a *free* app that requested access to enumerate accounts on the phone, allowing it to send that data back to the app developer without the user even knowing about it.

    When you buy an App on the Google Play Store you are buying from Google just like when you buy something at Target you are not buying from the product's manufacturer. I do not want every product company I buy a product from to have my personal information when I buy from a third party retailer.

    It wouldn't be hard for a less than scrupulous app maker to take advantage of people by sending emails asking for more info.

    When you use Amazon, people know sometimes you are buying from Amazon directly and sometimes a third party. When you use a third party, it is clear. Also Amazon does not allow direct email communications between parties without Amazon acting as a go between. It used to, but people would then just negotiate with the third party directly and cut Amazon out.
  • Reply 104 of 257
    muppetrymuppetry Posts: 3,328member

    Quote:

    Originally Posted by TBell View Post




    Quote:

    Originally Posted by davidn1 View Post



    I'm really surprised by this article and the comments here.  I think the issue here is that Google Play store works differently than the Apple store.  When you buy an app in the Play store, it actually says "Pay to:" the app developer.  It uses Google Checkout/Wallet, which has a privacy policy that explicitly says it will share this information with the merchant.



    Has no one here used Amazon Marketplace?  Where's the article and outrage about Amazon doing exactly the same thing there?  I think Google's explanation here is entirely satisfactory to me: I'm not buying from Google, I'm buying from the app developer, so of course the developer knows who I am.  Just because their store works differently doesn't mean there's a "massive oversight".  I get that some people are surprised by this, because lots of people are just used to the way Apple's store works, but that doesn't mean Google's approach is a flaw, "criminal" as other commenters have suggested, or is something that even needs to be fixed.



    I wonder how many people are upset about Google sharing this information, but wouldn't think twice about installing a *free* app that requested access to enumerate accounts on the phone, allowing it to send that data back to the app developer without the user even knowing about it.




    When you buy an App on the Google Play Store you are buying from Google just like when you buy something at Target you are not buying from the product's manufacturer. I do not want every product company I buy a product from to have my personal information when I buy from a third party retailer.



    It wouldn't be hard for a less than scrupulous app maker to take advantage of people by sending emails asking for more info.


     


    But that doesn't actually appear to be the case. Google Wallet is acting as a payment processor, but it does explicitly state that it is just collecting the funds on behalf of the seller - pretty much identically to PayPal. In that sense it is quite different to the App Store, where Apple is the seller and pays a percentage on to the developer.


     


    The PayPal privacy agreement is rather more up front about the process though. While it is probably not unreasonable that sellers should know at least some details about who is buying their goods and services, the Google Wallet privacy statement is somewhat abbreviated on the subject, and the general Google privacy statement just restricts itself to discussing what the apps can see/share, with just a link to the Wallet privacy terms at the end.

  • Reply 105 of 257
    quinneyquinney Posts: 2,528member
    Again, searched for the story in news.google.com. The search returns just two stories (one of them this), and it provides a link to "all 68 news sources."

    But clicking on the link reveals just the same two stories!

    What happened to the other 66?

    Google says, however, that the 'selection and placement' were all left to a 'computer', so I am sure they're not to blame!:lol:

    Google could be doing huge business in China, if they would just let the Chinese government filter search results the same way.:p
    Oh, but I forget, Google is morally opposed to someone filtering the news.
  • Reply 106 of 257
    slurpy wrote: »
    The convoluted 20 step process required to bypass an iPhone unlock code, with requires physical access to the phone, got more play than this story. And why the **** should journalists agree abide by Google's demands?

    Well, information is power and Google has lots of it. Perhaps Google would have chose to exercise said power if its "request" was not fulfilled? Who knows?
  • Reply 107 of 257
    quinneyquinney Posts: 2,528member
    isteelers wrote: »
    slurpy wrote: »
    The convoluted 20 step process required to bypass an iPhone unlock code, with requires physical access to the phone, got more play than this story. And why the **** should journalists agree abide by Google's demands?


    Well, information is power and Google has lots of it. Perhaps Google would have chose to exercise said power if its "request" was not fulfilled? Who knows?

    The implicit threat was there. No doubt about it.
  • Reply 108 of 257
    apple ][apple ][ Posts: 9,233member

    Quote:

    Originally Posted by TBell View Post



    When you use Amazon, people know sometimes you are buying from Amazon directly and sometimes a third party. When you use a third party, it is clear. .


     


    I agree, buying a piece of physical merchandise from Amazon can hardly be compared to downloading an app on the Google store.


     


    I order stuff from Amazon every once in a while, I just ordered something this week, and the best price was through a third party retailer, there were quite a few to choose between. I chose the one with the best ratings and the one that had been around for a while. I wouldn't buy anything from a retailer with no track record or bad reviews. People should always use a few seconds to investigate who you are doing business with.  Sometimes giving out personal info is necessary, such as when making a purchase online, but somebody who is just downloading apps from the Google store is exposing themselves to a whole lot more risk, since their information is being so easily shared.


     


    The Google app store model is flawed and it's not secure. And the fact that Google doesn't think that it's a security flaw, but rather a deliberate feature shows how little they give a shit about their customers.

  • Reply 109 of 257


    Also "tone down"? How about you shut up while the media tones up their coverage of what you do, Google? You don't have the right to say what is and isn't uncovered (within legal discovery boundaries, of course).

  • Reply 110 of 257
    What's so crazy is that if this was Apple.....
  • Reply 111 of 257

    Quote:

    Originally Posted by iSteelers View Post





    Well, information is power and Google has lots of it. Perhaps Google would have chose to exercise said power if its "request" was not fulfilled? Who knows?


     


    More importantly, control of access to information is power, and Google has that. They can push you up the search results, and they can burry you on page 22, and even the implication of that threat is enough to force others into line.


     


    This story is about 2 things:


     


    1. Privacy and Google are polar opposites. No matter what they tell you about how safe your information is, you can't believe them because they can always drag out "the real terms of service" you were operating under. They've got so many of them, that often cover the same situation, that it' impossible for anyone to know which applies, and you can be sure that Google will apply the one that maximizes their revenue. Bottom line: no matter how much Google or its minions assure you that your information is safe with them, it isn't.


     


    2. Google can, will and does use it's power and money to spin the story in its favor, in any way it can, or any way it has to. That includes paying an army of people to post on web sites like this, using its muscle on media outlets, burying search results, and probably bribing bloggers and others to tell its story its way. Gatorguy can come on here and tell us it's not so, but he's got no credibility, just as Google has no credibility. He can also tell us we can't prove any of it, but that's a pretty weak defense when we all know its happening, and can see it in this instance. Sort of like a murderer taunting the cops by telling them they can't prove he did it.

  • Reply 112 of 257
    jragostajragosta Posts: 10,473member
    gijoeinla wrote: »
    What's so crazy is that if this was Apple.....

    Exactly.

    For comparison. Consider all the nonsense about Apple's 'tracking' of users. The facts were that:
    1. Apple devices don't track anyone. Instead, at one time, they kept a list of cell towers that you were near. That only 'localizes' you within a few miles.
    2. The devices never sent information to Apple or anyone else.
    3. The only way to get access to even that limited information was to have the phone in your hands and hack it.

    Yet the media was all over Apple for this "security breach".

    Here, we have a case of Google sending out your personal information to third parties - and the shills are acting like it's not a problem at all.
  • Reply 113 of 257


    Google is becoming evil as opposed to their slogan. I would be wary of any product they make as who knows what type of tracking info is on it so they can make a dime on everything you do. Hopefully taxpayer money isn't spent on buying any hardware from them.

  • Reply 114 of 257


    Why do companies continue to do this when they know they will get fu**ed for it?

  • Reply 115 of 257
    jragostajragosta Posts: 10,473member
    bdkennedy1 wrote: »
    Why do companies continue to do this when they know they will get fu**ed for it?

    As I said, I don't think Google cares. They act like they think they're above the law and any reasonable standards.
  • Reply 116 of 257

    Quote:

    Originally Posted by Person View Post



    That is very creepy. I am an Apple fan but still use many Google products; Gmail, Chrome, maps, search etc. I have never been overly concerned about them infringing too much on my privacy but now I am creeped out. I am very very seriously considering discontinuing all Google use. The only product of theirs that I truly love is Chrome, so that will be hard.

    Here is some advice Google, don't be evil.


     


    I have to agree that Chrome is a good browser, and I wish Apple took the web browser race a bit more seriously. But I always felt that Apple (going back to the days when Steve Jobs was willing to make Internet Explorer the default browser in OS X, perhaps as a concession to Microsoft's terms to agreeing to invest in Apple) never really cared that much about winning the browser wars. It was a means to an end, which was to spur on the adoption of OS-agnostic HTML5 (something that leveled the playing field against Windows and technologies like ActiveX and Flash, which were always implemented better on Windows). With Firefox, Opera, and Chrome now sustaining HTML5 adoption, I think Apple is now content to let Safari slide, and that's a shame. I noticed that while FF, Opera, and Chrome have moved to a far more rapid release schedule, browsers like Safari and IE are (more or less) tied to the release of OS versions, so Apple's HTML5 feature compliance tends to lurch forward in annual cycles. I want Safari to be a no-compromise HTML5 compliant WebKit-based browser. The fact that Apple backed-off developing the Windows version of Safari tells me they're content to let others take the lead in browsers. I could use Chrome, but I'd rather use Safari (and I do, warts and all).


     


    Regarding the other thing you said about Google and privacy is that yes, I don't like how Google went from spidering and indexing the web, to gathering information about its users. I'd rather they be a kick-ass search engine that works for users, not data collector of users' data that serves Google's interests.

  • Reply 117 of 257
    kr00kr00 Posts: 99member
    gatorguy wrote: »
    Ah, just like the State Farm commercial!

    Man: Where'd you hear that?

    Woman: On the internet. They can't put anything on the internet that isn't true.

    Man: ..and where did you read that?

    Woman: On the Internet

    I realize that [SIZE=12px]you[/SIZE] may not wish to read the Google disclosure because you couldn't then continue to make believe what you say isn't there really isn't there. For others the policy is here, and the disclosure listed under "Information We Share".
    http://wallet.google.com/files/privacy.html

    As for you JR, feel free to continue with FUD in the face of facts sir. No reason to change now.

    And the fandroid troll emerges. Why do you come here? If this were a story about Apple, you sir, would be foaming at the gills in anger. You sir are one brain dead hypocrite. Do not come to an Apple forum with your garbage, FUD. It's clear you work for google in some way, as you can never admit to any wrong doing by your beloved overlord. I suggest YOU sir watch this (as you demand other to do with any of your linked material).

    Please stop polluting this forums, just go away. Nobody but you thinks your rubbish adds anything here. Your inferiority complex is obvious, why else do you come here, unless you're being paid to do so? Google are, and always will be, the biggest fraudseters on the face of gods earth. Now bug off.
  • Reply 118 of 257

    Quote:

    Originally Posted by Tallest Skil View Post


    And somehow you want to spin this as Apple being as bad (or worse) than Google?



     


    Most Google/Samsung defenders in the forums tend to argue something like "see, Apple does it too!" using spurious examples. They never actually deny that Google/Samsung did whatever they were accused of doing. To me, that's implicitly admitting that Google/Samsung did whatever they are accused of doing.

  • Reply 119 of 257
    gazoobeegazoobee Posts: 3,754member

    Quote:

    Originally Posted by Gatorguy View Post


    ... Even Apple has been know to contact writers to correct what they think is an inaccurate portrayal ....



     


    This is bullshit.  If it was only about "accuracy" then Google *might* have a quibble with the single word "flaw," which is technically inaccurate given that it indicates something broken, whereas this was actually a planned leak of information, not a mistake.  Even there, the word "flaw" actually helps Google out because if it isn't a "flaw," it's by design.  


     


    Every other aspect of the story was completely factual including the word "massive" (how could something that affects every single user of the store not be "massive"?)  


     


    Apple would never phone up a media outlet over something as trivial as whether the single word "flaw" was correct usage.  Apple would phone up if there was a massive mischaracterisation going on (and they have in the past).  


     


    Here, on the other hand, we have Google asking them to change their story away from the simple facts and to put a spin on it that changes the meaning entirely.   In other words here we have a factual story that Google is asking the media outlet to purposely mischaracterise for their own personal benefit.  


     


    These are not the same thing at all. 

  • Reply 120 of 257

    Quote:

    Originally Posted by Suddenly Newton View Post


    I have to agree that Chrome is a good browser...



     


    But, why does it want to upload your entire Contacts database, even if you don't have and aren't logged into any sort of Google account? What it is is a good piece of spyware, and its primary purpose is to collect information about you and send it back to Google.

Sign In or Register to comment.