Google Blog Alerts can defeat Live Journal’s privacy settings?
Today I was reviewing my Google Blog Alerts and spotted a posting that surprised me. I was surprised because the post obviously may have an impact on the person who posted it because it contains some sensitive information that could have negative ramifications if it were made public.
I was curious, so I clicked to visit the Live Journal page that Google had obviously crawled. I logged in using my OpenId, but was stopped from viewing the post via Live Journals privacy settings on the post.
Now I’m wondering how Google was able to see the post, why they would crawl private posts at all and how this might impact users if it were made public. So I’m making it public. What do you think of this revelation?
Filed under Google, OpenID |7 Responses to “Google Blog Alerts can defeat Live Journal’s privacy settings?”
Leave a Reply
Unless Google accidentally got a hold of a user’s authenticated friends feed (which is unlikely considering how tricky I’ve found this is to configure when trying to do it on purpose), my best guess is that this user published this post publicly and Google indexed it before the privacy settings were changed.
Goes to show that the Internet is scarily permanent and unforgiving.
For some users I think it would certainly cause a little panic. But for a majority, hmmm…
If I imagined a scenario of Googling something off the wall like “doing blow on a toilet seat” and it returns the private journal of someone I might actually know. Even without seeing what’s written in the journal, the Google crawl tells me those words are inside that journal in one format or another. But what are the odds of that happening?
Either way, it’s an obvious loop hole in the option to keep journals private. Then again, if a person really didn’t want people to see what they’re writing, then why post in online to begin with?
It sounds like this is LJ’s screwup, if anyone’s. Google Blog Search crawls feeds, not pages (at least, last I knew). And they won’t log in to crawl a feed, so that feed must be out in the public. Perhaps it was using obscurity and someone linked to it or something.
This just happened to me. I was googling something I had posted on earlier today (friends-only post), and there was my own friends-only post looking back at me. It was not accidentally posted as public and then changed. It was friends-only the whole time. I have contacted LJ support and am considering deleting my journal.
That particular entry was not of a private nature (I just set my journal as friends-only), but other entries I have are.
Ooops. Kids don’t post that stuff online. Be smart. As @Lisa mentioned, the internet doesn’t forget. http://archive.org is just one of many examples of how it remembers.
Actually FriendFeed was pulling my private items from del.icio.us at the beginning. I stopped posting non-public links because of it. (Need to check to see if they’ve fixed that.
Holy Cow, That’s Scary! Is this a LJ only occurance, or is it across all blogging platforms?
I teach all my clients not to post anything they would EVER regret (on any site) under current privacy policies… you never know what privacy may be in 10-15 years and you don’t want to harm yourself… that said, it’s okay to have little fun. The world is becoming a much more open and accepting place because of social networks and no one’s going to hold a beer bong photo against you 10 years from now