There has been a huge amount of hype surrounding the release of Google Plus, a social networking addition to their already robust portfolio and the main reasoning behind the Google +1 buttons that have begun to be implemented across search engine results pages and websites across the globe.
Well with so much anticipation to see exactly what Google have been able to create, once given the chance to sample the experience that many are yet to learn of but within minutes of access, the first problem has already raised its ugly head.
Testing of the Google Plus site has revealed that the latest offering from the online giants is a cloaked version of a spam bot that potentially is going to cause issues for millions of online email users.
So where does the problem arise?
The fact that Google Plus allows non Google Mail accounts to be placed into the contacts list within the site has opened up a huge security issue for email users based on the fact that Google have allowed you to share anything that you wish with huge contact lists, regardless of whether they use Gmail or not.
Here is an image of the screen box that you are presented with when you select to share something with your contacts, make sure to take note of the highlighted area as this is the extension of your ‘social circle’.
The adding of comments, links, videos and pictures has now become easy for those who are looking to use the site but the danger begins when malicious spammers begin to breach the Google Plus homepage and begin to share Trojans, viruses and botnets cloaked within links.
Okay so this isn’t anything different than when you open your inbox and have offers from senders that are looking for someone to hold millions of pounds for them following the death of a prince far away, well other than the fact that you send the share to people outside of your contact list, but the real issue is the inability to unsubscribe from the email alerts if you are not a Gmail user.
This is the same email that every person within the contact list of any sent email receive but it seems that Google have failed to realise that their un-subscription link offers very little to anyone that is not a user of their Gmail service.
We have tested this here and when a share is revealed to an email address that is not Gmail based, they are unable to opt out of the email alerts, instead receiving a Google 404 page.
Google are known to want to try to make ground within the social networking world but with Google Plus functioning in the way that it does at the moment, they need to either act quickly and sort out the 404 issue or they need to eliminate the ability to include email addresses outside of Gmail.
Either way, at the moment Google could just have unwillingly created one of the biggest spam bots on the internet and one that offers the additional danger of being unable to opt out of the updates.
No comments:
Post a Comment