Friday, October 31, 2014

Google Drive add hidden logs, to spy and track files created in their service


This time I will share with you my finding, regards Google Drive/docs.

Lets start from old news,form a year ago:


NSA can track you with cookies from Google, iOS, Android – and it might be legal
By on December 11, 2013



Generally speaking

Above all,I like Google,I don't like to way they took our privacy.
This story will show you where is the limits,and why tracking files and the people who read them, it's not a smart move in the world where the privacy is waking up.

Google drive act as a cloud service by Google Inc, with abilities to store data,and writing docs it's one of the features the service gives,which is good as long as they tracking you,but don't leave hidden tracking mines in the files.

Here you can see the difference between Google Docs and Google Drive)

The finding

I was reading my CV which in the first time, has been written with Google Drive service, then I saw something really interesting,hyperlinks which were different then the original which was added by me.

I didn't ask Google to track for me my file.

Even after converting the file to PDF ,I had those Google mysterious tracking links.
Checking them out I saw how the redirection is being made:

Example:

This :


Takes you to :



Redirection
Original hyperlink
cookie string





I was getting a cookie as well,in the time when I clicked on the hyperlink and got redirected:



q=http://valleywag.gawker.com/facebook-lets-you-track-friends-precise-location-throug-1564328515
sa=D
sntz=1
usg=8888

Host: www.google.com
User-Agent:
DNT: 1
Cookie:PREF=ID=88:U=88:FF=0:LD=iw:NR=100:TM=111:LM=11:SG=2:S=aaaa; NID=67=888-pldwa-er-88_88-8888; SID=888888888_88888888888888-DKanetR1_8888888888888_8888888_8888-888-88-888_888_88_88; HSID=888; APISID=3T0NSCkPbont-Cks/88-88
Connection: keep-alive

Checking out in cookiepedia, show me this:
http://cookiepedia.co.uk/cookies/APISID



Lets see some videos,to have more proof :







Here is the exported PDF  from the drive:




Now I wanted to know more about Google behaviour, what is the purpose of those links,is someone knew about it or not?.s

Looking for the strings:" "&sa=D&sntz=1&usg=" in Google gave me only 92 normal results.



More digging gave me more explanation.

Conclusion


Google track hyperlinks in Google search, some people think it's related to redirection and nothing more,others saw the attack options,but having this in docs/drive is less known and this should concern not only the owner of the files but the readers of them.

Tracking users files, show us why Google don't see the red line.
Knowing that's your files are being tracked, and sent anonymously to Google,put anyone who gets them under surveillance.

You should think about it,as adding your own hidden tracking script, to spy on someone who gets a file from you.  

Solution

Always check the hyperlink before opening it.
Don't write the file in Drive/Doc
Don't add hyperlinks.

P.S.

I've done confirmation only in Drive,but it seems to be the same in Google docs as well. 
 
-----------------
For more info about Google tracking and it's uses:





No comments:

Post a Comment