Google Kills Google+ after Discovering Major Security Flaw


Google is shutting down the consumer retail version of its unpopular social media platform Google+ as a direct consequence of a security flaw.

The Wall Street Journal on Monday reported that Google discovered a flaw that exposed the private data of hundreds of thousands of users in Google+ but decided against publicly disclosing the issue after learning about it over the spring. This, in part, is because of concerns that “doing so would draw regulatory scrutiny and cause reputational damage”, according to the report.

Launched in 2011 as a product to challenge Facebook, Google+ is commonly seen as Google’s biggest failures.

Not soon after the report went public, Google published its own report that revealed more details about the flaw while introducing a vast array of data privacy controls that includes the permanent shuttering of Google+ for consumers.

Specifically, Google’s VP of Engineering Ben Smith revealed that the flaw was discovered during an internal review called Project Strobe wherein one of the site’s APIs that granted information to users’ profiles hadn’t been marked as public. As a result, some half a million user accounts could have been affected with the data exposed potentially including things such as name, occupation and age. Smith insists that Google found “no evidence” that the vulnerability was exploited.

Made up of over 100 engineers, product managers, lawyers and cybersecurity specialists, Project Strobe was launched as a privacy task force within Google for a company-wide audit of Google’s APIs.

The bug was “discovered and immediately patched” in March 2018, according to the Google executive.

“This review crystallized what we’ve known for a while: that while our engineering teams have put a lot of effort and dedication into building Google+ over the years, it has not achieved broad consumer or developer adoption, and has seen limited user interaction with apps,” Smith said. “The consumer version of Google+ currently has low usage and engagement: 90 percent of Google+ user sessions are less than five seconds.”

Image credit: LIFARS archive.