» News

There’s an app for that. And it’s all up in your business

Home - by - February 15, 2013 - 17:30 America/New_York - 5 Comments


Google ‘flaw’ puts users’ details on display

EVERY time you purchase an app on Google Play, your name, address and email is passed on to the developer, it has been revealed.

The “flaw” – which appears to be by design – was discovered by Sydney app developer, Dan Nolan who told news.com.au that he was uncomfortable being the custodian of this information and that there was no reason for any developer to have this information at their finger tips.

You may remember Mr Nolan as the creator of the Paul Keating insult generator all that hit number one in the Aussie App Store last month.”

“Let me make this crystal clear, every App purchase you make on Google Play gives the developer your name, suburb and email address with no indication that this information is actually being transferred,” Nolan wrote on his blog.

“With the information I have available to me through the checkout portal I could track down and harass users who left negative reviews or refunded the app purchase.”

Harrassment aside, the problems posed by malware – “virus” programs that infect your phone, or computer and steal your personal details – are far more serious.

With Google customers’ details just sitting in developers accounts, all it would take is a half decent piece of malware software for that information to be accessed. These personal details could then be used to access the users’ bank details. That’s also more than enough information to be able to access your other devices which could also be mined for more data – insurance information, other credit cards -  which could then be used to access your banking credentials.

Mr Nolan told News.com.au that tens of millions of Google customers could be affected.

“As far as I can tell this impacts every person who purchased an App on the Play Store,” he said.

“I can’t see any way to opt out of providing that information and it seems to be a feature of the Google checkout process. I don’t know whether it applies to free apps, but there are hundreds of thousands of apps that are available for pay on the play store and there are millions of people who buy Android apps out there, I’d say easily millions or tens of millions of people.
Read more: http://www.news.com.au/technology/massive-google-security-flaw-puts-users-details-on-display-for-all-to-find/story-e6frfro0-1226577210852#ixzz2Kw7s2qs9


  1. IronyCurtain

    February 15th, 2013

    I switched my homepage to Bing yesterday.

    Thumb up +3

  2. Stranded in Sonoma

    February 15th, 2013

    I’m still trying to find a way to do without Google. It would mean giving up my blog address and a pretty good browser but the trade-off would be worth it.

    I know it doesn’t make a whole lot of sense to boycott a company because it is probably a member of a conglomerate; you would have to boycott about 100 companies to live up to your boycott of just one.

    It’s just that Google has its tentacles all over the web!

    Thumb up +3

  3. Name Redacted™

    February 15th, 2013

    I don’t trust Google at all. I avoid them as much as possible, but they have their fingers in so many pies it is impossible to avoid them altogether. But why would I want hard lefties to know about all of my web searches, sites I visit, and where I live? Scary, isn’t it?

    Thumb up 0

  4. "That Guy"

    February 15th, 2013

    Yet another reinforcement of my reason for having an iPhone and iPad instead of Android devices.

    As bad as I dislike and mistrust Apple, my level hate and have a complete lack of trust in Google is orders of magnitude higher.

    Thumb up 0

  5. Unruly Refugee

    February 16th, 2013

    google owns youtube. They are hard to get away from — like scientology.

    Thumb up 0