On Monday, Google revealed a second bug in Google+ APIs that could have been used by malicious actors to harvest the private data of over 50 million users. Though the bug was discovered as part of internal testing and was not used by any third party, according to a Google spokesperson, this has prompted the company to accelerate the shutdown of the consumer version of Google+ from August 2019 to April 2019.
According to the incident report, "apps that requested permission to view profile information that a user had added to their Google+ profile—like their name, email address, occupation, age (full list here)—were granted permission to view profile information about that user even when set to not-public." This does not include financial data that could be used for identity theft, according to Google.
SEE: Google Drive: Tips and tricks for business professionals (Tech Pro Research)
As a result of this bug being identified, Google+ APIs will be sunsetted in 90 days, with access to the consumer version of the platform terminated by April 2019. With this, Google+ will join Google Spaces, Google Talk, Google Wave, Google Buzz, and Orkut in the graveyard of failed social networking products the company has produced. (In fairness, if Facebook is the picture of success for social networking, Google is better off a failure.)
Though it appears to be doom and gloom for Google's hopes of making it in the social networking world, Google+ is expected to continue service for enterprise users, as organizations that have G Suite subscriptions have adopted the platform as an alternative to a corporate intranet, or as a partial Slack replacement. The G Suite version of Google+ is not a zombie product—it appears to be in active development, as new features were announced in October at Google Cloud NEXT London, including tagging, custom streams, and engagement metrics.
Google is increasing their focus on enterprise communication tools, with Google Hangouts being shuttered in favor of Hangouts Chat and Hangouts Meet, and the consumer version of Hangouts being sunsetted in favor of the Android Messages app (powered by Google's RCS backend) and Google Duo for video.
Google's bewildering messaging app strategy has been the focus of intense speculation, with the company cutting down from seven to five apps in the near future. Scott Johnson, the real time communication product lead at Google, called out 9to5Google's Stephen J. Hall on Twitter for a report accurately claiming that Hangouts "Classic" will be sunsetted in 2019. Hall's tweet was derided as being "out of line" by other bloggers.
The big takeaways for tech leaders:
- A second bug was discovered in Google+ APIs that could have been used by malicious actors to harvest the private data of over 50 million users, but no evidence was found of it being exploited in the wild.
- Google+ will remain available for G Suite users, as a companion product to Hangouts Chat and Hangouts Meet enterprise-focused messaging services.
- A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)
Why is Google so bad at innovation? 44 dead products and counting... (ZDNet)
- Google Home: A cheat sheet (TechRepublic)
- IT firms, telcos among dozens hacked in new info-stealing malware attack (ZDNet)
- 22 Android click fraud apps with 2M+ downloads removed from Google Play Store (TechRepublic)
James Sanders is a technology writer for TechRepublic. He covers future technology, including quantum computing, AI, and 5G, as well as cloud, security, open source, mobility, and the impact of globalization on the industry, with a focus on Asia.