this post was submitted on 10 Dec 2023
155 points (93.3% liked)

Technology

58197 readers
3690 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
enu@lemm.ee
fry@fry.gs
L3s@fry.gs
enu@lemmy.world
L4s@fry.gs
L4s@lemmy.world
155
New Report: Over 40% of Google Drive Files Contain Sensitive Info (www.infosecurity-magazine.com)
submitted 9 months ago by throws_lemy@lemmy.nz to c/technology@lemmy.world
21 comments fedilink hide all child comments
all 22 comments
sorted by: hot top controversial new old
[–] bjoern_tantau@swg-empire.de 109 points 9 months ago

[–] thejml@lemm.ee 67 points 9 months ago (2 children)

How was that not expected? Give people somewhere to stick files that they don’t want to lose because of a hard drive crash or computer malfunction. Files that they absolutely want backed up somewhere not locally. Files that they may want to get access to while not at home… All those are going to be things like taxes, receipts, medical forms and data, scans of important documents, etc. like, that’s the point.

[–] deaf_fish@lemm.ee 18 points 9 months ago

The first step towards societal change is to admit we have a problem. Studies like this are a necessary first step.

[–] TORFdot0@lemmy.world 9 points 9 months ago (1 children)

The article is specifically about Business Workspace accounts. The concerning part was that then about 1/3 of the sensitive files were externally shared.

To be honest, the article reads like blogspam for an up-and-coming cyber security newsletter. The “report” is just marketing for a data governance software company.

People putting sensitive documents on their personal Google drive isn’t much of a risk if they follow best security practices securing their Google account.

[–] Squizzy@lemmy.world 6 points 9 months ago (1 children)

We share loads of shit externally that are private, but the people we share them with are the people it is relevant too so that stát doesn't do much.

If I show recruitment information to the recruiters we hire that is an external share of private information.

[–] TORFdot0@lemmy.world 2 points 9 months ago

Like I said it’s a marketing paper for a data governance software company. The numbers are to sell their product to corps that don’t know what their users are sharing, not that there isn’t a reason to share certain data externally.

[–] tbhall77@lemmy.world 65 points 9 months ago

The other 60% were found to be Linux isos.

[–] tux@lemmy.world 24 points 9 months ago (1 children)

This article just reads as an ad for the scanning company.

Also, while it's possibly true, it's based off seriously small sample sizes.

[–] key@lemmy.keychat.org 8 points 9 months ago

And sampling bias.

Plus they pick and choose numbers for a more drastic headline. "Sensitive" data is a very broad category, I don't know what criteria they used but that could be as little as someone's name being mentioned with a "todo" note. The quarter of a percent mentioned as having a "critical" issue I venture is closer to what most people think of when they read the title. Infosec consultants have a bad habit of inflating numbers until actual risks are lost in the noise.

[–] Marbles@discuss.tchncs.de 24 points 9 months ago (1 children)

How were they able to analyze 6.5 million files if 0.5% were publicly available? How did they get access to the 99.5% other files?

[–] remotelove@lemmy.ca 5 points 9 months ago (1 children)

The numbers are listed poorly and not put in the correct context, me thinks.

6.5 million documents is nothing compared to the user base of 3 billion, so that is something to keep in mind. Each number given is not clearly compared against the total user base, the total number of public documents or any other condition they listed.

Hell, I can't even tell if my guess is even accurate. It's really bad writing and I am not going to download the original report to find out more.

[–] Marbles@discuss.tchncs.de 3 points 9 months ago (1 children)

After I read some info on their website, I suspect the company sells security software to companies to investigate their own google drive usage. I guess they are reporting accumulated meta information their customers shared.

[–] remotelove@lemmy.ca 2 points 9 months ago* (last edited 9 months ago)

I dug a little deeper as well and I agree. The author of the link that was posted here just summarizes "papers" released by various security companies. It's not quality content, but it's a living for him I suppose. Meh.

[–] CrimeDad@lemmy.crimedad.work 7 points 9 months ago (1 children)

What is the security problem with Google Drive, bad user settings?

[–] cheese_greater@lemmy.world 3 points 9 months ago (2 children)

When will we learn?

[–] MNByChoice@midwest.social 5 points 9 months ago

We won't and are encouraged to not.

[–] hikikoma@ani.social 4 points 9 months ago

Normies are dumb as shit bro...stop expecting things from them.