Think Twice Before Adding Email Addresses To Your Google Calendar Events
According to Terence Eden, a renowned technology enthusiast and researcher, Google Calendar users are currently experiencing a relatively major and potentially embarrassing bug, which could lead to private events being revealed in third-party applications, published on your social networking feeds or even shared with a complete stranger via email.
In a post on his personal blog, Eden uses his wife as an example to explain the very irritating security issue — check out what he has to say below:
A few moments later, Alice sent her a “Meeting Accepted” email.”
From what we’ve seen in the past, if you use the Google Calendar web application and put an email address in the subject field, the recipient will have the event added to their calendar, but they will not receive an email notification. Creating an event in the same way on an Android-powered smartphone does not trigger a meeting request, but doing so on an iPhone does.
Regardless of the device used to create the event it is currently impossible to see who exactly has been invited, and if you try to delete the calendar item a ‘cancellation’ notification is emailed to the invitees regardless of whether the user received the original invite or not.
All-in-all this is a pretty major security flaw that Google needs to sort out sooner rather than later, seeing as it has an incredibly large user base. According to The Verge, the search engine giant is already working around the clock on a fix to resolve this issue, so hopefully it won’t be a problem we’re facing for much longer.
But for now, you might want to rethink what type of events you’re adding to your calendar, especially when you’re inviting someone else to view them.
- SourceTerence Eden