Google+ underwent an early IT security analysis, focusing mainly on privacy and the overall conclusion was bland.
The results showed on one hand, there are some new functions that improve networking security among friends, but on the other hand there are several potentially problematic details, said security researchers Shah Mahmood and Yvo Desmedt, at University College London (UCL).
The new network has been a great success, having already attracted 40 million users. But Google’s previous attempts at establishing a social network to compete with Facebook have caused privacy concerns.
Among these concerns is the way in which Google+ currently handles images. Mahmood and Desmedt showed photos uploaded to the network retain their metadata. However, they say the service doesn’t inform users about this.
Another problem area identified by the researchers is the Google+ “About” section. There, Google is apparently prompting users to list previous addresses, previous names, and their maiden name. The researchers said this information could be useful to identity thieves. If a hacker could identify a user’s mother and the mother had entered their maiden name, then the user would have unwittingly disclosed the answer to a common security question.
Mahmood and Desmedt commended the fact that Google+ uses SSL encryption by default, for the entire Google+ network connection. Facebook only uses this encryption for its login page, unless a user explicitly enables the security feature. The researchers concluded Google+ sessions offer better protection against “Man-in-the-Middle” attacks.