Google Apps and Facebook's recent inbox controversies

Google Apps and Facebook's recent inbox controversies

Summary: Both Google and Facebook have slipped up with their users as a result of their "inbox policies". What happened and what are the repercussions? Explained, as always,

SHARE:

Over the course of last week, issues with both Facebook's service and Google's Apps service were highlighted by users.

What Google did wrong

Microsoft must have been reveling in Google's tears as their competitor to Live@edu glitched, allowing other users and students to view, in some cases, the entire contents of another student's inbox.

The issue was caused by an unknown bug which occurred during the switchover process from self-hosted accounts to Google-hosted accounts. According to one report, Google took between 3-5 days to isolate the issue and close the accounts before fixing the problem.

ReadWriteWeb's summation:

"In the case of the Google Apps glitch, which began on Friday, September 11th, a couple of students notified Brown's Computing and Information Services department (CIS) that they were able to read emails belonging to other students.

The CIS department contacted Google on the following day and sent out an email to the 200 students whose mailboxes were in transition, asking them whether or not they were experiencing the same problem. Some were. The affected students could either see entire inboxes belonging to another classmate or, in other cases, saw less than 100 messages that did not belong to them."

What Facebook did wrong

On a similar note, Facebook took a relatively quiet step in the anti-privacy route by allowing application to access inbox messages.

This appears to be a effort to open up the Facebook experience outside of the desktop by allowing the API to connect with offline applications, but arguably the system is susceptible to abuse.

According to a campaign to keep messages private:

"On August 11th, Facebook started giving whitelisted apps access to inbox messages. User permission is required, but the potential for abuse is enormous - a malicious or hacked app could post private messages on the web for anyone to read. Even if you block or avoid applications, messages you send to less careful friends (who do use inbox apps) could be compromised."

The controversy began when the Facebook Developer site announced last month that:

"The Inbox API allows you to access your users' messages, once they grant your application the new read_mailbox extended permission. This lets your applications provide an interface for users to view their messages. For example, your application could pop up an alert when the user receives a new message."

Ironically those supporting the cause (via) Facebook itself, although the petition application you use doesn't collect any personal information. However, Facebook and security has never seemed very tight with applications in mind; there is very little stopping an application being a spam-engine and causing more hassle than good.

Had Facebook decided to ask the users their opinions of this, explaining in lay terms so the vast majority of audience understands using a poll, perhaps the end result would have been far different.

While no company is perfect and it is becoming increasingly difficult to fix and plug holes in complicated code, both Facebook and Google should take something away from all this: Sometimes doing what you consider good causes more issues, and the customer has the final say.

Have your say. It's free, you know?

Topics: Social Enterprise, Apps, Cloud, Collaboration, Google

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

3 comments
Log in or register to join the discussion
  • History ignored again!!

    You would think that with all the brainpower these companies employ, somebody would have suggested that they learn from history.

    MS has had to take huge measures over the last few years to correct technology that ignored security in favour of programming convenience.

    But now Google and Facebook come along and do stuff that opens gaping holes. Some just think they are impervious to the traps others have already fallen into.
    Patanjali
  • RE: Google Apps and Facebook's recent inbox controversies

    facebook inbox is not open
    3 luckly star
  • good idea about facebook

    A good post. Do you know tattoo? It is quite amazing. We supply kinds of tattoo kits, tattoo machines, tattoo needles, tattoo ink and so on. Please buy <a href="http://www.dealingway.com/Wholesale-6-machines-tattoo-kits_c268">tattoo kits for sale</a> at wholesale price from us.YJ5tP
    gavin.chan