Skip to main content

Google: Security Mishaps and User Trust

From TechCrunch

Google is pushing full steam ahead with their office strategy, and their hope is to convince a lot of individuals and businesses to trust Google enough to store their documents on Google’s servers instead of their own computers, or servers under their control.

The fact that unauthorized document access is a simple password guess or government “request” away already works against them. But the steady stream of minor security incidents we’ve seen (many very recently) can also hurt Google in the long run. Running applications for businesses is serious stuff, and Google needs to be diligent about security.

Another minor incident came up this evening - a Google employee intended to post on her personal blog and wrote on the official Google blog covering Blogger instead.

Earlier security incidents:

July 2004: Gmail secuity issue allows unauthorized access to others’ registration information.

January 2005: Gmail security flaw allows unathorized viewing of others’ emails.

November 2005: Gmail bug allowed hackers to take complete control of a victim’s Gmail account.

March 2006: Google accidentally deletes its main official blog. They write “We’ve determined the cause of tonight’s outage. The blog was mistakenly deleted by us (d’oh!)”

July 2006: Writely document appears that seems to show internal confidential Google information on the Platypus project.

October 2006: Google blog hacked and fake post published, quickly taken down.

October 2006: User complains that blog posts through the Blogger API are being published on someone else’s blog.

October 2006: Google accidentally releases Google Platypus software.

Google product teams work in cells, which allows them to quickly launch and iterate products. However, there could be a disadvantage to this as well with regard to security, as their does not seem to be one central policy or security group ensuring strict compliance across the entire company. Every security incident damages Google’s credibility and reputation. Microsoft has been dealing with security issues forever - Google may need to start fighting the same war.

Comments

Popular posts from this blog

Iran: A Rummy Guide

To borrow a phrase used for Iraq, there are 'things we now know we don't know.'Back in June 2002, as the Bush administration started pushing hard for war with Iraq by focusing on fears of the unknown—terrorists and weapons of mass destruction—Secretary of Defense Donald Rumsfeld explained that when it came to gathering intelligence on such threats, "absence of evidence is not evidence of absence." Elaborating, Rumsfeld told a news conference: "There are things we know that we know. There are known unknowns; that is to say there are things that we now know we don't know. But there are also unknown unknowns. There are things we do not know we don't know."Now there's a crisis brewing with Iran. And the same basic problem applies: what is known, what is suspected, what can be only guessed or imagined? Is danger clear and present or vague and distant? Washington is abuzz now, as it was four years ago, with "sources" talking of sanctions…