by In order to save time and convenience, many people often log in directly with their personal Google or Facebook account when logging in to third-party platform websites or using Apps.The Washington Post reportedwhich may inadvertently make yourself the target of a specific company’s tracking, which is like exposing yourself to the risk of personal information leakage!
The report pointed out that some websites can obtain users’ personal information by “logging in with a Google or Facebook account”; a reader of “Washington Post” responded that in order to save the time of logging in and uploading his resume, he clicked the “user” button on the job site Icms. Google or Facebook account login” consent option, unexpectedly, the website has obtained permission for personal digital history and files at the same time.
Icms has 2.4 million users and provides users to upload resumes from the online synchronization storage service Google Drive, but when clicking the upload button, it will pop up “This will allow iCIMS to view and download your “all” Google Drive files”, if you click Choosing YES is like directly leaking a lot of personal information. In response, Al Smith, chief technology officer of iCIMS, responded that the company does not read and view other information of users in Google files when users upload their biographical information.
A Google spokesperson told The Washington Post that users still have “choice and control” over the sharing of personal data in the “access permission” option, but how many people are willing to take the time to read and digest the fine print? ?
Facebook warned 1 million users this month that their personal information may have been stolen by 400 malicious apps, and The Washington Post pointed out that tech criminals have deliberately created fake web buttons with a “Sign in with Facebook account” option. Used to steal user personal information.
Sometimes “logging in with a Google or Facebook account” is fine, says Bogdan Botezatu, director of antivirus software firm Bitdefender: “If it’s a legitimate website or service, then there’s nothing to worry about.” For example, some people log in Google grants permission to Zoom cloud video conferencing.
Still, many are wondering “how do you know when it’s legal and when it’s not?” Jen Caltrider, a privacy researcher at the nonprofit Mozilla, said it’s impossible to be 100 percent sure, because many companies hide how they steal users’ personal data. fact. Therefore, “China Post” recommends that, in order to protect personal information and files, when encountering the “Login with Google or Facebook account” option, it is recommended to directly select NO!
For more technical information, please continue to hold the Urban Tech Story version!
【source】
