Hot on HuffPost Tech:

See More Stories
Engadget for the iPhone: download the app now
AOL Tech

Holes in the cloud: consultant finds more flaws in Google Docs

Remember the shouting about the Google Docs privacy lapse a few weeks ago? As it turns out, that was just the tip of the iceberg.

Security consultant Ade Barkah has found several more gaps, and they're all just as alarming - if not more so.

Issue #1 appears right at the top of his blog post: an image that he embedded in an unshared document. Apparently all uploaded images can be accessed directly by anyone, as long as they've got the url.

On top of that, Barkah discovered that another user can view past versions of diagrams you insert in a document even after your replace them. As with the image access flaw, finding the previous versions is as simple as replacing the rev=# in the drawing's URI.

Last but not least, users you've previously granted access to your docs but later removed aren't necessarily gone for good. There are certain cases in which they can regain access themselves without you ever knowing about it.

Tin foil hat wearers rejoice, this is further confirmation that just because you're paranoid that doesn't make you wrong.

[via TechCrunch]

Tags: fail, google-docs, privacy, security

Comments

2