Don’t Go Breaking My Heart

I have been a longtime fanboy of Google and its products.  I am writing this right now on Google Docs on a Chrome browser that I will move over to WordPress.  I like the fact that they are open, they like to share knowledge with the world and open it up to the general public for consumption.  

To give an example, the other day I was writing an article on the brain and ACC.  Most of what I was writing about was from Wikipedia and a Text to Youtube journal article and I wanted to double check some of the facts.  A quick search brought me to Google Scholar which surfaces scientific journal articles to the common person, i.e: me. A company that provides such a valuable service to people can do nothing wrong, or so I thought.

Once Bitten – Picasa

Lately, though I have been questioning my view that “Google Can Do No Wrong”, and there are some very good reasons for that.  The first was when I discovered a number of pictures I didn’t realize were publicly shared were visible on the Google+ service.  I hadn’t looked at the service in years as it had been a long time since I signed up but I had gotten a note about the service being deprecated so went to check it out and see if there was anything worth backing up or saving.  To my surprise, there were a lot of pictures and posts that I had no idea I was sharing with the world.

Immediately I thought that I did something horribly wrong and bad, missed a security setting or permission somewhere when I was posting them.  I felt shame at being so technically inept and slowly weeded through the pictures, removing permissions and removing the permissive sharing rules.  After some hours I finally felt better again and confident that my son’s friends would not find that picture of us napping or him running around in a diaper with his stethoscope on.  Phew, horrible daddy moment averted.

I’ve since rethought that experience and I am really not sure if I did anything wrong or if Google did anything wrong either.  Way back in the day I used to share a lot of photos via Picasa, a service that Google purchased and eventually migrated to what is Google Photos currently.  I am leading a bit into the next post however one thing that I believe may have happened is photos that I had only intended to share via a link with family and friends were migrated to Google+ during one of the internal service changes.  This most likely went unnoticed in any of the hundreds of such notifications about changes to a service.

I don’t hold on to any resentment here, even for the pose of me without a shirt on in front of my bathroom mirror that my manager most likely saw before he interviewed me for my current position.  I am grateful however that I was still hired.  No, my only gripe is that caution should have been made to make the sharing less permissive when these changes were being made.

Twice Shy – Google Photos

When I noticed the Google+ issue it started making me hyper-aware of issues that could happen when internal services change.  This critical eye has made me look at Google Photos and the places that the feature is not working with the users’ privacy in mind.  

For instance, when I go to create an album and share it with friends I notice that the default setting will create a link that will allow everyone with the link to view.  It’s not an evil thing and really helps share with family and friends who do not have Google Photos. What I do have an issue with and have submitted a few bug reports about is that the UI design makes it difficult or impossible to do anything except share via a link, even if I am just sharing with users who also have Google Photos.

To give an example, I have this photo which I shared with a friend: https://photos.app.goo.gl/qBdYjaaJztPXFtoZA.  I did not create a public link for this photo as the person I was sharing with is on Google Photos.  I posted this on the help forum: https://support.google.com/photos/thread/2503911.  At a suggestion that came from that post, I have also submitted feedback using the Google Photos app, a couple of times now.  I still see the issue occurring however I am hopeful it will make it’s way up the backlog to a place where someone considers my privacy important.

So if I don’t want this photo publicly shared why don’t I just delete it and stop bitching about it?  Well, I tried and when I go to delete the public link and only share with my friend it unshares the entire photo:

Google Photos - Sharing Options

Unselecting the “Share” toggle causes the following dialogue to pop up and unshares the photo from my friend:

Google Photos - Stop Sharing Link

I have played around with it a bit on the web interface and it is possible to share with just another Google Photos user.  It is super difficult though and really less permissive should be the default option so this is broken, in my opinion.

The other issue with sharing is that the list of users the link is shared with are shown to an unauthenticated user.  You can open the link above in an incognito browser and see the people I have shared with.  This provides a greater attack surface for a hacker as it exposes the people that you associate with.  As we move forward this attack surface will also be used more and more to create backstories for identity theft as my overactive imagination alluded to in the DigiDoug post.

I’d also like to point out that with GDPR coming our way this type of sharing is a huge liability to companies.  I’d also like to point out in all fairness, Apple picture sharing has similar issues with the public links.  It also seems to be the default option when you share with another person and they do not seem to check if the user has an Apple ID.  

Some sort of link expiration would help here.  I believe that Google is starting to do this in Google Docs has added and I hope they consider this for Google Photos as well.  In reality, all services going forward should probably consider this with public links going forward.

Side Note – A Solution

Part 1

I believe part of the solution here would be to have all public links have an expiration date by default.  This would solve part of the issue and also reduce the issues with GDPR compliance.  I don’t think this could be retrofitted though to existing links and we’d need Part 2 of the solution.

Part 2

The other part of the solution would be to provide a landing page where users could review any public links that they have shared and remove just the link (not sharing with other users).  This would most likely need to be done per service and some sort of periodic reminder or security checkup would be valuable here.

Conclusion

This has been a bit of a ramble and I hope the conversational voice is constructive rather than negative.  I’ve really tried to provide good feedback and possible solutions for the issues I am pointing out. I think as technologies change we will see more of these issues pop up around privacy, connectivity and sharing.  Some will be easy flow or bug fixes to existing services and others will require some deeper thought.

References

%d bloggers like this: