Google asked the media to play down Google Play "flaw"

Google asked the media to play down Google Play
Last week, we told you about Dan Nolan, the Australian developer whose "Paul Keating Insult Generator" app made it all the way to number one in the Australian App Store. Recently, Nolan was stunned to find the name, address and email address of every person who bought his app waiting for him when he logged into his Google Play Store account. It even listed the information of people who started to purchase the app, but canceled the purchase. The original story about this broke in Australia on the site after Nolan disclosed his situation to them. The original headline stated, "Massive Google security flaw puts users' details on display for all to find." But the use of the word 'flaw' seemed to stick in Google's craw as you will find out.

According to, Google asked them to make some changes to the story, starting with the headline. Claire Porter, who was the author of the story, said that Google's main issue was with the word flaw. The Mountain View crew was aghast at the idea that allowing developers to view customer information would be considered a 'flaw' (Actually, we happened to agree with Google on this point as the very first sentence in our story says that this would not really be considered a flaw). Ms. Porter ended up giving in to Google's request. The word 'massive' was removed from the headline and the word flaw was put inside inverted commas.

source: AppleInsider



1. SoehartoTukangKorupsi

Posts: 3; Member since: Feb 16, 2013

source: apple insider... lol... need i say more?

2. Igneel unregistered

Well duh. Everyone else worships Google, they'd just agree with what ever Google does, generally speaking. Since AppleInsider is helping the rivalry, the news could be more honest, at least to say. What better source of flaws other than their own enemy? Google knows flaws from Apple and they already have their fans to find Apple's.

3. Droid_X_Doug

Posts: 5993; Member since: Dec 22, 2010

"Everyone else worships Google..." Yah think? Somehow, I suspect folks at MS don't worship Google. The bigger issue is Google's use of customer data outside of the TOS provisions. Maybe a class action lawsuit is in the making.

8. alterecho

Posts: 1106; Member since: Feb 23, 2012

@Igneel Sorry, i am not able to click the 'thumbs up' button more than once.

17. JeffdaBeat unregistered

This isn't some game of Android vs. iOS. Flaws need to be found and fixed, ASAP regardless of the company. Stop caring more about a technology company than the people who use their products. I love Apple, but by no means will that excuse them from flawed products. The same SHOULD go with Google if they've got a flaw. Fix it...simple as that.

22. Mxyzptlk unregistered

I don't think it matters as long as the source is credible.

48. rusticguy

Posts: 2828; Member since: Aug 11, 2012

Yup they ought to be as credible as you :)

54. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

If the media is not in error they don't have to make any amendment. I would rather the proper authority look into the matter than to have competition bad mouthing each other.

57. sprockkets

Posts: 1612; Member since: Jan 16, 2012

Yes you can. It was written by Daniel Dildo of apple insider, the most idiotic appletard there is. Don't believe me? Read his, you can read a safe version here:

4. Sniggly

Posts: 7305; Member since: Dec 05, 2009

I'm sure Google will provide an explanation at some point. My question is how this hasn't been brought to anyone's attention for almost five years now.

10. Berzerk000

Posts: 4275; Member since: Jun 26, 2011

That's what I was thinking. If this has been happening since the launch of the Android app store, why is everybody freaking out about it now? Apparently it's not a big deal if people are just finding out about it now, years later after it begun, and no one has been harmed by it. Also, isn't this access of information standard for any payment method, other than cash payments and gift cards? This shouldn't be anything new, unless I'm mistaken.

26. Hemlocke unregistered

It would be standard if Google had that information, but not if every developer also gets it. It's the "Google Play Store," not the "Dan Nolan Play Store" or "Koushik Dutta Play Store," so those folks only need to know the bare essentials (email address, or some such) of the customer who purchased their app. Centralizing this information is one of the biggest safety mechanisms of an app store, or at least I thought it was, until Google turned it into the wild west. As for nobody being harmed, it is actually nobody you have heard of because if it has happened, the numbers have been small enough to escape reporting. That's not the same thing as "no one has been harmed by it."

21. Mxyzptlk unregistered

I'm pretty sure it'll be a load of crap. There's no excuse for google allowing such private info getting out like that to developers. Imagine if someone left a bad review and the developer had your private info .

27. Berzerk000

Posts: 4275; Member since: Jun 26, 2011

Not all developers are d**ks. Even so, what are they going to do with your email, address, and name? Send you spam? Come to your house and beat you up? You're blowing this thing way out of proportion. This is NOTHING new. This thing is standard for any payments methods. Know your Apple ID? Same thing. It has your email, name, address, and your credit card info if you have one. I'm sure iOS app developers have access to that information; if you pay with anything other than cash or gift cards, you are giving all of that information away. Have some common sense and quit blindly raging over something that means literally nothing.

29. papss unregistered

Is apple keeping the media quiet about their practices too? If there was no problems then they wouldn't suppress that info

32. Berzerk000

Posts: 4275; Member since: Jun 26, 2011

I get where your coming from, if there's nothing wrong with it, why is Google trying to keep it quiet? Asking for media suppression = immediate response for being caught in the act of something bad, this is everyone's first reaction, and justly so. You have to think of what Google may be doing though, maybe Google is just trying to get the media to be quiet so there isn't an uproar in the community, but since it's already been released they just asked to play it down so they have time to release a statement explaining the whole thing. That statement is probably going to be the same thing me and quite a few other people have said; this is standard information given out in ANY payment method that isn't cash or gift cards. As soon as you swipe your credit card in a store, or enter it online, the person or company you are paying immediately gets all of this information. In the case of app stores, any time you set up an account that asks for information (i.e Android and iOS apps stores), any time you buy an app with a credit card hooked to your account or use a gift card for store credit with that account, you are giving all of your information you put into the set up of that account to the developer. I'm not trying to defend Google because I'm an Android user. I'm just saying that this is standard; Apple does it, Google does it, anytime you have used your credit card or an account with credit from a gift card to make a purchase, that information is being given away.

56. Sniggly

Posts: 7305; Member since: Dec 05, 2009

Google isn't trying to keep the story quiet. They just asked for greater accuracy and less sensationalism. I can't blame them for that, frankly.

49. rusticguy

Posts: 2828; Member since: Aug 11, 2012

Best way to avoid the bullcrap is enter go back to paleolithic age :)

55. Sniggly

Posts: 7305; Member since: Dec 05, 2009

So... How many cases of retaliation against bad reviews by developers have you heard of? This is fear mongering on an epic scale.

60. VZWuser76

Posts: 4974; Member since: Mar 04, 2010

Check out my post #59. Basically the devs get less info than if you'd purchased something from amazon or any other online retailer. They DO give the dev your: Name Email address City, state, and ZIP code They DO NOT give out: Your street address (123 N. Arlington Rd #11 for example) Your SSN Your DOB If they didn't at least have your name and email address, they'd have a hard time confirming your subscription later on. The reason they have your city/state/ZIP s for billing. Credit cards usually need a billing ZIP for confirmation, as someone else here also said. The only way to anonymously purchase anything is with cash. Try sending an envelope full of cash and not get ripped off. Cash only works in person. Everything else, credit & debit cards, checks, money orders, and even Paypal are not completely anonymous. Info has to be sent to complete a valid transaction, that's just how it is. Sorry to burst anyone's bubble, but your info/money is at risk every second of every day. Even if you've never been online, had a bank account or credit card, your info is still out there. DMV, postal records, phone company records, voter registration, etc. While not the easiest to get at, it happens, and that's again only if you've never bought anything online. The only real way is to be vigilant with your bank accounts, and have a bank that has good watchdog services. My bank saved me from losing $2,000 just because they noticed odd behavior on my account. They contacted me within 2 hours of seeing it and shut it down. The breach was through my amazon account, and they apparently caught the guy.

62. gwuhua1984

Posts: 1237; Member since: Mar 06, 2012

I think with your mindset... everyone should just stop buying anything online period. Do you know how many people will get to see your information every time you placed an order online at a company? Not to mention the individual sellers that will see all this information if you buy on Amazon, eBay, etc...

63. VZWuser76

Posts: 4974; Member since: Mar 04, 2010

Exactly. It's almost like people are finding out about this for the first time. If you don't provide all that info, how are they to verify that you are really you. Otherwise all they would need is your credit card number, and someone could get that when you're paying for coffee or gas. But on the other side of the coin now you've got to give it out to someone you don't know to purchase something online. There are risks anytime you buy with a CC. It's life.

5. gallison1983

Posts: 47; Member since: Dec 19, 2012

Possibly because consumers rarely ever think about ToS in the first place. Google tends to be overly liberal with information until someone calls them out on it. Kind of like Facebook. Consumers see "Install" or "Status Update" as the goal and ToS as an annoying popup to click away so they can start tapping/clicking on those buttons.

6. Fuego84

Posts: 357; Member since: May 13, 2012

What's the big problem, if they claim it's not a flaw then they admit to purposely providing that information. Since when is your address a private thing anyways?

7. alterecho

Posts: 1106; Member since: Feb 23, 2012

"Since when is your address a private thing anyways?" It was till now...

12. jroc74

Posts: 6023; Member since: Dec 30, 2010

Yea you are right, our address is private....until you get a credit card, or a bank card, or buy and/or sell anything online or a subscription Some ppl must dont realize that a credit card or a check card can be declined if it doesnt match the billing zip code or address when using it online. In some cases if the name doesnt match the name on the card. But hey, I know some ppl that dont do things online. I pay all my bills online. One guy I work with still writes checks. I cant even remember the last time I wrote a check.

61. Fuego84

Posts: 357; Member since: May 13, 2012

Listen every government agency has your address you had to have listed your address on an ID card, Driver license, voter registration, bills, income tax, taxes, when being enrolled in school, city phone listings,and birth certificate. Who can't find your address with your first and last name state/city/zip which usually are the norm bits of info given out to merchants when purchasing online. You want your address to remain private, go on to the woods walk 1k steps north turn 375 step west and clear land and build your house and always use cash.

9. rizevnarastek

Posts: 349; Member since: Sep 06, 2012

It is a Receipt isn't it? So that the developer has your information in case anything goes wrong, right? It seems normal to me and certainly isn't a flaw.

11. jroc74

Posts: 6023; Member since: Dec 30, 2010

We get the exact same info about the developer....sometimes a real name. I think the problem is many ppl have never sold anything online. Which makes it odd this developer was even freaking out about this.

13. ogy_dogy

Posts: 453; Member since: Jun 29, 2012

Do no evil eh?

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit for samples and additional information.