Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Solves Sharing Bug In Google Docs

Posted by timothy on from the use-of-journal-achievement dept.

RichardDeVries writes "Three weeks ago, I contacted Google about a bug in Google Docs that shared documents without permission. The issue has been resolved and affected documents have had their collaborators removed. The documents' owners have been notified: 'To help remedy this issue, we have used an automated process to remove collaborators and viewers from the documents that we identified as being affected. Since the impacted documents are now accessible only to you, you will need to re-share the documents manually.' See my journal entry for details on my contact with Google. Although I think Google handled the issue admirably, this raises questions (again) about cloud computing, as well as Google's eternal beta-status for a lot of their services."

4 of 69 comments (clear)

  1. Google's eternal beta-status by ddrueding80 · · Score: 5, Insightful

    It seems Google treats their beta products better than most treat their production stuff. Fitting, considering Google has more users of their beta stuff than other companies have paying users.

  2. Well by mysidia · · Score: 5, Insightful

    It raises more immediate questions about SAAS, which Google docs is, not cloud computing. (Google docs is software as a service, not a cloud computing service like Amazon ec2.) Someone else's custom app can have a bug, and leak your data.

    So can your provider's closed-source proprietary cloud computing applications, user provisioning, storage, etc.

    If, however, the provider uses an open-source hypervisor (like KVM), and open-source provisioning, management tools, and scripts (so the wrong user isn't given access to your storage), cloud computing should be much more secure than a SAAS platform like Google docs.

    But yes, it does raise some question about services like ec2, because they're fairly opaque and using proprietary software, how can you possibly prove that their provisioning system is secure (in that YOUR elastic block store can't accidentally be provisioned onto someone else's ec instance)?

    One possibility is to use full-drive encryption on all your volumes, and require interaction with custom software on your side to boot your instances.

  3. Raises questions? Really? by ozric99 · · Score: 5, Insightful

    Although I think Google handled the issue admirably, this raises questions (again) about cloud computing, as well as Google's eternal beta-status for a lot of their services.

    Really? I don't use Google Apps but I don't think the act of fixing a bug in any way raises questions about the overall concept any more than Microsoft fixing a bug in Sharepoint would raise questions about closed source Windows services, or fixing a bug in KnowledgeTree would raise questions about similar open source services.

    Software application has bug; bug gets fixed. Jesus people, why is this different from any other similar bug being fixed? Oh, it's Google, better get blogging.. Gotta get those ad impressions up.

  4. Re:I'll keep my docs offline thanks by stesch · · Score: 5, Insightful

    People don't care. Really. There was a worm a few years ago that sent office documents to random e-mail addresses. I received an Excel price list from a bike shop. A co-worker some Word documents from a doctor. People don't care. They continue to use this kind of software and putting documents on Google's site isn't less secure than what they are doing right now.