On September 9, I reported that Google was finally, more than two years after first being notified of the problem, working on fixing the malicious invites issue for 1 billion users of Google Calendar. I thought that would be the last time I would need to bring a Google Calendar issue to the attention of a wider audience for a while; I was wrong. This time it's another feature that can also be problematical, leaving the user just one click away from exposing calendar data to the world. While this isn't a security vulnerability, and for once I'm happy to agree with Google on that, it is a privacy disaster waiting to happen and one that could well have security implications down the line.
No comments:
Post a Comment