x PhoneArena is looking for new authors! To view all available positions, click here.
  • Home
  • News
  • Google asked the media to play down Google Play "flaw"

Google asked the media to play down Google Play "flaw"

Posted: , by Alan F.

Tags:

Google asked the media to play down Google Play
The changed headline after pressure from Google

The changed headline after pressure from Google

Last week, we told you about Dan Nolan, the Australian developer whose "Paul Keating Insult Generator" app made it all the way to number one in the Australian App Store. Recently, Nolan was stunned to find the name, address and email address of every person who bought his app waiting for him when he logged into his Google Play Store account. It even listed the information of people who started to purchase the app, but canceled the purchase. The original story about this broke in Australia on the News.com.au site after Nolan disclosed his situation to them. The original headline stated, "Massive Google security flaw puts users' details on display for all to find." But the use of the word 'flaw' seemed to stick in Google's craw as you will find out.

According to News.com.au, Google asked them to make some changes to the story, starting with the headline. Claire Porter, who was the author of the story, said that Google's main issue was with the word flaw. The Mountain View crew was aghast at the idea that allowing developers to view customer information would be considered a 'flaw' (Actually, we happened to agree with Google on this point as the very first sentence in our story says that this would not really be considered a flaw). Ms. Porter ended up giving in to Google's request. The word 'massive' was removed from the headline and the word flaw was put inside inverted commas.

"For the people asking how the story was amended: Despite the fact that Google refused to comment on the record, I was asked to change the headline (both the homepage headline and SEO headline inside the story), as well as the standfirst and lead (first paragraph). Google's issue was with the use of the word 'flaw.' Apparently a system that is designed to share users information with developers without their knowledge or permission and without explicitly saying so in any terms of service is not considered to be a flaw."-Claire Porter, author, News.com.au

source: AppleInsider

Like this story? Like us on Facebook to follow our posts:

65 Comments
  • Options
    Close




posted on 16 Feb 2013, 23:30 18

1. SoehartoTukangKorupsi (Posts: 3; Member since: 16 Feb 2013)


source: apple insider...

lol...
need i say more?

posted on 17 Feb 2013, 00:15 11

2. Igneel (unregistered)


Well duh. Everyone else worships Google, they'd just agree with what ever Google does, generally speaking. Since AppleInsider is helping the rivalry, the news could be more honest, at least to say. What better source of flaws other than their own enemy? Google knows flaws from Apple and they already have their fans to find Apple's.

posted on 17 Feb 2013, 00:25 11

3. Droid_X_Doug (Posts: 5605; Member since: 22 Dec 2010)


"Everyone else worships Google..."

Yah think? Somehow, I suspect folks at MS don't worship Google.

The bigger issue is Google's use of customer data outside of the TOS provisions. Maybe a class action lawsuit is in the making.

posted on 17 Feb 2013, 01:46 4

8. alterecho (Posts: 1072; Member since: 23 Feb 2012)


@Igneel
Sorry, i am not able to click the 'thumbs up' button more than once.

posted on 17 Feb 2013, 08:10 10

17. JeffdaBeat (unregistered)


This isn't some game of Android vs. iOS. Flaws need to be found and fixed, ASAP regardless of the company. Stop caring more about a technology company than the people who use their products. I love Apple, but by no means will that excuse them from flawed products. The same SHOULD go with Google if they've got a flaw. Fix it...simple as that.

posted on 17 Feb 2013, 09:33 5

22. Mxyzptlk (Posts: 3318; Member since: 21 Apr 2012)


I don't think it matters as long as the source is credible.

posted on 17 Feb 2013, 13:04 2

48. rusticguy (Posts: 2826; Member since: 11 Aug 2012)


Yup they ought to be as credible as you :)

posted on 17 Feb 2013, 20:16

54. joey_sfb (Posts: 2748; Member since: 29 Mar 2012)


If the media is not in error they don't have to make any amendment. I would rather the proper authority look into the matter than to have competition bad mouthing each other.

posted on 17 Feb 2013, 21:01

57. sprockkets (Posts: 1154; Member since: 16 Jan 2012)


Yes you can. It was written by Daniel Dildo of apple insider, the most idiotic appletard there is. Don't believe me? Read his blog...no, you can read a safe version here:

http://tracks.ranea.org/post/524619951/dan-dilger-exploding-head

posted on 17 Feb 2013, 00:26 12

4. Sniggly (Posts: 6780; Member since: 05 Dec 2009)


I'm sure Google will provide an explanation at some point.

My question is how this hasn't been brought to anyone's attention for almost five years now.

posted on 17 Feb 2013, 02:58 8

10. Berzerk000 (Posts: 3945; Member since: 26 Jun 2011)


That's what I was thinking. If this has been happening since the launch of the Android app store, why is everybody freaking out about it now? Apparently it's not a big deal if people are just finding out about it now, years later after it begun, and no one has been harmed by it.

Also, isn't this access of information standard for any payment method, other than cash payments and gift cards? This shouldn't be anything new, unless I'm mistaken.

posted on 17 Feb 2013, 09:44 1

26. Hemlocke (unregistered)


It would be standard if Google had that information, but not if every developer also gets it. It's the "Google Play Store," not the "Dan Nolan Play Store" or "Koushik Dutta Play Store," so those folks only need to know the bare essentials (email address, or some such) of the customer who purchased their app. Centralizing this information is one of the biggest safety mechanisms of an app store, or at least I thought it was, until Google turned it into the wild west.

As for nobody being harmed, it is actually nobody you have heard of because if it has happened, the numbers have been small enough to escape reporting. That's not the same thing as "no one has been harmed by it."

posted on 17 Feb 2013, 09:32 3

21. Mxyzptlk (Posts: 3318; Member since: 21 Apr 2012)


I'm pretty sure it'll be a load of crap. There's no excuse for google allowing such private info getting out like that to developers. Imagine if someone left a bad review and the developer had your private info .

posted on 17 Feb 2013, 09:41 6

25. lyndon420 (Posts: 1713; Member since: 11 Jul 2012)


I'm a developer...and I have your info Mxyzptlk. Stay out of your mom's underwear drawer lol.

posted on 17 Feb 2013, 09:48 3

27. Berzerk000 (Posts: 3945; Member since: 26 Jun 2011)


Not all developers are d**ks. Even so, what are they going to do with your email, address, and name? Send you spam? Come to your house and beat you up? You're blowing this thing way out of proportion. This is NOTHING new.

This thing is standard for any payments methods. Know your Apple ID? Same thing. It has your email, name, address, and your credit card info if you have one. I'm sure iOS app developers have access to that information; if you pay with anything other than cash or gift cards, you are giving all of that information away. Have some common sense and quit blindly raging over something that means literally nothing.

posted on 17 Feb 2013, 09:52

29. papss (unregistered)


Is apple keeping the media quiet about their practices too? If there was no problems then they wouldn't suppress that info

posted on 17 Feb 2013, 10:12 1

32. Berzerk000 (Posts: 3945; Member since: 26 Jun 2011)


I get where your coming from, if there's nothing wrong with it, why is Google trying to keep it quiet? Asking for media suppression = immediate response for being caught in the act of something bad, this is everyone's first reaction, and justly so.

You have to think of what Google may be doing though, maybe Google is just trying to get the media to be quiet so there isn't an uproar in the community, but since it's already been released they just asked to play it down so they have time to release a statement explaining the whole thing. That statement is probably going to be the same thing me and quite a few other people have said; this is standard information given out in ANY payment method that isn't cash or gift cards. As soon as you swipe your credit card in a store, or enter it online, the person or company you are paying immediately gets all of this information.

In the case of app stores, any time you set up an account that asks for information (i.e Android and iOS apps stores), any time you buy an app with a credit card hooked to your account or use a gift card for store credit with that account, you are giving all of your information you put into the set up of that account to the developer.

I'm not trying to defend Google because I'm an Android user. I'm just saying that this is standard; Apple does it, Google does it, anytime you have used your credit card or an account with credit from a gift card to make a purchase, that information is being given away.

posted on 17 Feb 2013, 20:52 1

56. Sniggly (Posts: 6780; Member since: 05 Dec 2009)


Google isn't trying to keep the story quiet. They just asked for greater accuracy and less sensationalism.

I can't blame them for that, frankly.

posted on 17 Feb 2013, 13:07

49. rusticguy (Posts: 2826; Member since: 11 Aug 2012)


Best way to avoid the bullcrap is enter go back to paleolithic age :)

posted on 17 Feb 2013, 20:26

55. Sniggly (Posts: 6780; Member since: 05 Dec 2009)


So... How many cases of retaliation against bad reviews by developers have you heard of?

This is fear mongering on an epic scale.

posted on 18 Feb 2013, 01:52 1

60. VZWuser76 (Posts: 1296; Member since: 04 Mar 2010)


Check out my post #59. Basically the devs get less info than if you'd purchased something from amazon or any other online retailer.
They DO give the dev your:
Name
Email address
City, state, and ZIP code

They DO NOT give out:
Your street address (123 N. Arlington Rd #11 for example)
Your SSN
Your DOB

If they didn't at least have your name and email address, they'd have a hard time confirming your subscription later on. The reason they have your city/state/ZIP s for billing. Credit cards usually need a billing ZIP for confirmation, as someone else here also said.

The only way to anonymously purchase anything is with cash. Try sending an envelope full of cash and not get ripped off. Cash only works in person. Everything else, credit & debit cards, checks, money orders, and even Paypal are not completely anonymous. Info has to be sent to complete a valid transaction, that's just how it is.

Sorry to burst anyone's bubble, but your info/money is at risk every second of every day. Even if you've never been online, had a bank account or credit card, your info is still out there. DMV, postal records, phone company records, voter registration, etc. While not the easiest to get at, it happens, and that's again only if you've never bought anything online. The only real way is to be vigilant with your bank accounts, and have a bank that has good watchdog services. My bank saved me from losing $2,000 just because they noticed odd behavior on my account. They contacted me within 2 hours of seeing it and shut it down. The breach was through my amazon account, and they apparently caught the guy.

posted on 18 Feb 2013, 13:01

62. gwuhua1984 (Posts: 1237; Member since: 06 Mar 2012)


I think with your mindset... everyone should just stop buying anything online period.

Do you know how many people will get to see your information every time you placed an order online at a company? Not to mention the individual sellers that will see all this information if you buy on Amazon, eBay, etc...

posted on 18 Feb 2013, 15:38

63. VZWuser76 (Posts: 1296; Member since: 04 Mar 2010)


Exactly. It's almost like people are finding out about this for the first time. If you don't provide all that info, how are they to verify that you are really you. Otherwise all they would need is your credit card number, and someone could get that when you're paying for coffee or gas. But on the other side of the coin now you've got to give it out to someone you don't know to purchase something online. There are risks anytime you buy with a CC. It's life.

posted on 17 Feb 2013, 00:46 6

5. gallison1983 (Posts: 41; Member since: 19 Dec 2012)


Possibly because consumers rarely ever think about ToS in the first place. Google tends to be overly liberal with information until someone calls them out on it. Kind of like Facebook. Consumers see "Install" or "Status Update" as the goal and ToS as an annoying popup to click away so they can start tapping/clicking on those buttons.

posted on 17 Feb 2013, 00:58 4

6. Fuego84 (Posts: 264; Member since: 13 May 2012)


What's the big problem, if they claim it's not a flaw then they admit to purposely providing that information. Since when is your address a private thing anyways?

posted on 17 Feb 2013, 01:44 3

7. alterecho (Posts: 1072; Member since: 23 Feb 2012)


"Since when is your address a private thing anyways?"
It was till now...

posted on 17 Feb 2013, 04:51 4

12. jroc74 (Posts: 4720; Member since: 30 Dec 2010)


Yea you are right, our address is private....until

you get a credit card,
or a bank card,
or buy and/or sell anything online
or a subscription

Some ppl must dont realize that a credit card or a check card can be declined if it doesnt match the billing zip code or address when using it online. In some cases if the name doesnt match the name on the card.

But hey, I know some ppl that dont do things online. I pay all my bills online. One guy I work with still writes checks. I cant even remember the last time I wrote a check.

posted on 18 Feb 2013, 10:00

61. Fuego84 (Posts: 264; Member since: 13 May 2012)


Listen every government agency has your address you had to have listed your address on an ID card, Driver license, voter registration, bills, income tax, taxes, when being enrolled in school, city phone listings,and birth certificate. Who can't find your address with your first and last name state/city/zip which usually are the norm bits of info given out to merchants when purchasing online. You want your address to remain private, go on to the woods walk 1k steps north turn 375 step west and clear land and build your house and always use cash.

posted on 17 Feb 2013, 02:55 5

9. rizevnarastek (Posts: 329; Member since: 06 Sep 2012)


It is a Receipt isn't it? So that the developer has your information in case anything goes wrong, right? It seems normal to me and certainly isn't a flaw.

posted on 17 Feb 2013, 04:45 3

11. jroc74 (Posts: 4720; Member since: 30 Dec 2010)


We get the exact same info about the developer....sometimes a real name. I think the problem is many ppl have never sold anything online. Which makes it odd this developer was even freaking out about this.

posted on 17 Feb 2013, 05:19 4

13. ogy_dogy (Posts: 453; Member since: 29 Jun 2012)


Do no evil eh?

posted on 17 Feb 2013, 07:18 3

16. tedkord (Posts: 4504; Member since: 17 Jun 2009)


You're right. I always order stuff online without having to give my name or address.

posted on 17 Feb 2013, 09:31

20. papss (unregistered)


The point is that I give that info... Google has zero rights to my personal information..just because I have a relationship with my wife doesn't mean I want google doing the same. Again google shouldn't be allowed to do that..., but its alright if all you android fans think its okay right? Because you speak for all people? Stop acting like this is okay since it's google and they would NEVER do something devient.

posted on 17 Feb 2013, 09:52 1

28. Berzerk000 (Posts: 3945; Member since: 26 Jun 2011)


Three words; Terms of Service. If you are really against this information, you should have not of agreed to them. Just know, this is a standard for all payments. Unless you pay with everything through cash or gift cards, this happens all the time.

posted on 17 Feb 2013, 09:57 1

30. papss (unregistered)


No it's not.. Farming out my information is not common practice.. I've never been watched or some intrusive ad popped up when using my apple product.. Never have I had intrusive adds no calls from telemarketer when using bing or outlook.., do I get it with google? Sure do... That to me is scummy

posted on 17 Feb 2013, 11:37

37. jroc74 (Posts: 4720; Member since: 30 Dec 2010)


Ok...now I know you are just full of it....cuz I get ads using outlook.com. In fact....its better than hotmail....cuz its text ads now....hotmail was picture ads. I guess you are gonna say you never get ads with hotmail too, huh?

Again....we get the exact same info about the developer. But you and others keep complaining about ...your...info. The developers info is less important than yours? I know good n well many developers work from home. What if you all of a sudden became an Android developer tomorrow....

posted on 17 Feb 2013, 11:49

41. jroc74 (Posts: 4720; Member since: 30 Dec 2010)


If you arent getting ads in outlook.com...its because you changed something in your settings....the exact same thing can be done in GMail.

The exact same thing was available in hotmail.com.

But...lets not let facts and the truth get in the way of MS's Scroogled campaign.....in hotmail and outlook.com...it was personalized based on browsing and search history. On that subject....I didnt get personalized ads in GMail...it was sponsored ads from specific companies. Guess I took care of that in the Settings already....

Scroogled...indeed....

posted on 17 Feb 2013, 11:32

36. jroc74 (Posts: 4720; Member since: 30 Dec 2010)


"The point is that I give that info... Google has zero rights to my personal information."

If thats the case.....then dont setup an account and use Google Wallet...problem solved. One can keep entering the payment method manually each time they wanna buy something. No wallet info....shouldnt be a problem to get free apps. I know this because someone I know doesnt even have a credit card linked to the Play Store....and she has no problems gettign free apps.

I had her just try to login to Wallet. She couldnt even do it...because the last time she did the TOS changed. And she has no credit card linked to her account.

I had her just try to buy something from the Play Store....and she had to enter a payment method....after credit card info...it needed at least the name and zip code.

Thats....why.....this.....a.....non....story.

But I guess Apple having it is fine tho, right? Even in the original aerticle...the developer said all he gets when using iTunes is country and something else. Do you think for a minute Apple doesnt have the rest of the info?

But hey....its fine for us to get the developer's info, right? Or its only a problem becuse they gets ours? Whose to say some user wont go to their place, harass them?

Thats...also....why....this....is.....a....non....​.story.

posted on 17 Feb 2013, 11:46

39. papss (unregistered)


Yes I could care less about the developers personal info but you seem to go by the fact that google play is full of garbage spam programs and for you to say they are reputable is laughable at best.. Google has no quality control on play so that leaves it wide open for anyone to pretend to be a developer.. Not that common sense wouldn't stop me to say said program doesn't look right.. Point being stop defending something that's not secure and saying there is no security risk.. I don't trust google has my best interest in mind

posted on 17 Feb 2013, 11:52

42. jroc74 (Posts: 4720; Member since: 30 Dec 2010)


Wow....I dont even have to go back and re read anything I posted to know you are drinking some good stuff right now.

Please .....go back and quote me where I said anything about:

Yes I could care less about the developers personal info but you seem to go by the fact that google play is full of garbage spam programs and for you to say they are reputable is laughable at best

and:

Point being stop defending something that's not secure and saying there is no security risk.

Take your time...

posted on 17 Feb 2013, 12:18 1

44. jroc74 (Posts: 4720; Member since: 30 Dec 2010)


One more thing...does Apple App store still require you to have a credit card to setup or use it....even for free apps...you still have to jump thru hoops to set it up without a credit card....

I dont know if you still do...asking a real question....

Funny cuz that has never been a requirement to use Google's store...if every Android user on the planet didnt have a credit card...they could still use the Google store and get free apps....from day one.

Security risks.....they are everywhere.....its par for the course for eCommerce.

posted on 17 Feb 2013, 12:30 1

45. papss (unregistered)


I'm by no means an apple fan but the walled garden keeps me feeling more secured. I don't and won't own a iPhone but I do have an iPad and use the App Store. To answer your question, no the App Store does not require a cc to use.

posted on 17 Feb 2013, 12:38 2

46. Berzerk000 (Posts: 3945; Member since: 26 Jun 2011)


You don't need a credit card, but you still need an Apple ID, which contains email, address, name, and number and also a credit card if you want to put it on there. You use your Apple ID to download/purchase apps.

posted on 17 Feb 2013, 05:37 2

14. jroc74 (Posts: 4720; Member since: 30 Dec 2010)


So....let me ask ppl this:

Ever use Ebay? Know the auctions where ppl sell info, or making money ideas? Most of the time...that can be emailed to the person. So...whats the need for a physical address, right?

You put in your address when setting up an account. Are you gonna keep editing it each n every time you win an auction that involves electronic delivery of the item?

Are the ppl complaining ....ever buy or sell anything online? Just curious...

posted on 17 Feb 2013, 09:37

23. papss (unregistered)


The difference is that there are fake and garbage apps that can and will get out to anyone that wants it... Just like the scammers on Craig's list that create a fake google phone number without resistance thanks to googles lax policies and people scam others with " I'm going to mail you a check With this amount and I want you to mail the remainder amount here"... Stop living on one dimension people.. It's is wrong period

posted on 17 Feb 2013, 11:01 1

34. jroc74 (Posts: 4720; Member since: 30 Dec 2010)


The exact same thing can and does happen with Ebay.

Where is the article about Ebay...

posted on 17 Feb 2013, 11:08

35. papss (unregistered)


Oh so that makes it all better

posted on 17 Feb 2013, 11:39 1

38. jroc74 (Posts: 4720; Member since: 30 Dec 2010)


Doesnt make it better....just shows this is a non story. Ebay and Paypal....big chance to get scammed. Many ppl still use it tho.

Welcome to eCommerce.

posted on 17 Feb 2013, 11:48

40. papss (unregistered)


Again... So say its not good versus saying its alright.. One wrong doesn't mean it opens the gate for everyone to do that and it's okay

posted on 17 Feb 2013, 12:03 2

43. jroc74 (Posts: 4720; Member since: 30 Dec 2010)


Ok...never said its alright. Please re read my posts again....

I'm saying its par for the course...welcome to eCommerce. There is always some risk involed with eCommerce. Thats why some ppl dont use it at all.

Do you think scammers on Ebay stopped me from using Ebay? or PayPal? Has it really hurt both businesses? What ppl are over looking is if some wrong doing does happen, how easy is it to identify the problem, get it fixed? How much does wrong doing happens?

Those are the bigger questions and concerns ppl need to have. Again...if one is so worried.....there are ways to not be involved.....do everything manually with Google.

Problem solved.

posted on 17 Feb 2013, 06:03 2

15. GoBears (Posts: 335; Member since: 27 Apr 2012)


Omg, my name and address plus my email address? How awful. Guess I better leave 5 stars or the dev will come beat me up at home.

posted on 17 Feb 2013, 10:00

31. papss (unregistered)


Lol pretty funny

posted on 17 Feb 2013, 08:29 3

18. ronjr123 (Posts: 60; Member since: 16 Feb 2012)


This is ludicris. This is no flaw, at least not in the US. Standard practice when purchasing something online. That is why you should always be confident with who you are dealing when making a purchase in cyber space. I only shop at the main outlets on the web and never places like ebay. Ebay gives me the creeps, not Google.

Wanna bet apple does the same thing?

posted on 17 Feb 2013, 08:38 1

19. roscuthiii (Posts: 1785; Member since: 18 Jul 2010)


Weird... you mean to tell me customers via a digital market had their customer information sent to a content/product developer/provider via an electronic medium?!

That's crazy talk there. It's like some time a while back someone invented these machines that could be used to compute data or perform some kind of programmed task, and then created a bridge between these machines in which they could communicate through an interconnected network! Like a world wide web, if you will.
And people have been using that convenience to their advantage disregarding consequence of actions for the sake of said convenience ever since?
Do all the major newspapers outlets know about this yet?

What?! They're all moving to this weird "inter-net" thingy too?! A conspiracy I tell you, a conspiracy.

posted on 17 Feb 2013, 09:39 1

24. papss (unregistered)


If this were anyone but google you all would be all over them.. One sided tree you live on

posted on 17 Feb 2013, 10:55 1

33. bparkerson (unregistered)


It's not so much what's written but how it's interpreted!

posted on 17 Feb 2013, 12:45

47. darkkjedii (Posts: 10522; Member since: 05 Feb 2011)


You're playing it wrong. Now I sound like a typical droider.

posted on 17 Feb 2013, 15:19

50. AWiseGuy (Posts: 68; Member since: 30 Oct 2012)


Well it really isn't a flaw. Does that make it ok? No, and I'd like Google to change this. I love using Android and I want to do so securely. However, just because this isn't the best practice doesn't give the media any right to mislead and misrepresent the facts.

posted on 17 Feb 2013, 15:35 1

51. lyndon420 (Posts: 1713; Member since: 11 Jul 2012)


No different if you had to go each and every developer's website to pay for an online service using a credit card. Nothing is really secret about us common folk. I like doing my payments online for the convenience it offers, but even going to each place in person to pay bills doesn't keep anything from getting online after it's left your hands.

posted on 17 Feb 2013, 20:12

53. jroc74 (Posts: 4720; Member since: 30 Dec 2010)


"No different if you had to go each and every developer's website to pay for an online service using a credit card."

This needs to be repeated, and bolded....excellent point.

Now....lets say you dont even have to set up an account at their site, just enter credit card info. They have free and paid apps. Do you use 2 seperate email addresses for free and paid apps? Different names? Paid apps....physical address...free apps....nothing but name and throw away email address?

Or do you just leave all your info as is, same info for free and paid apps?

Some ppl actually do this...nothings wrong with doing that IMO. But ....all the folks complaining....this is the nature of buying/selling on the web. All I will say is this: if its a problem for the developers having our physical address...it should be a problem for us to have theirs. Many do work from home...

If it makes ppl feel better for only Google to have it, I hope they change it just to please ppl.

Want to comment? Please login or register.

Latest stories