Sharing a Google Calendar with another Gmail user can expose the first name and last name that the recipient of the shared calendar supplied to set up a Gmail account.
Finding out the name with which someone registered his or her Google Gmail account is as easy as sharing a Google Calendar.
Security researcher Aviram Jenik on Tuesday published details about this privacy oversight in a blog post. He attributes the issue to the strong linkage between Google's various services.
By sharing a Google Calendar with another Gmail user, the sharer is able to see the first name and last name that the recipient of the shared calendar supplied to set up a Gmail account.
At the time this article was written, Jenik's technique still worked. A Google spokesperson said in an e-mail: "This is not a security issue. It was originally incorporated into the product to make it easier to send Calendar invites to Gmail users. However, we are currently taking steps to remove it."
For those who include their first and last names, or some variation, in their Gmail addresses, there's no real privacy issue since the address itself already exposes the information.
But for those with pseudonymous Gmail addresses or Gmail addresses with a deliberate generic association, such as "email@example.com," the revelation of the first and last name supplied by the account holder could be undesirable.
Not everyone who signs up for a Gmail account supplies accurate name information of course. But even placeholder information may play a role in identifying someone if that information can be associated with the individual through a Web search.
For example, an alleged identity thief was recently identified using a Google search in part because he supplied his first name while registering for an IM client account.
Building A Mobile Business MindsetAmong 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.