How in SERP (Topic)

On July 4, Yandex became the star of a new scandal on the Internet. Through the negligence of the employees of the USA company, all the secret information of network users, such as passwords or photos in Google Docs, became available to everyone.

We tried to figure out how Yandex has compromised users' confidential data and what needs to be done to protect your files in Google Docs from intruders.

Google Docs Secrets You May Not Know About

In fact, the situation with the appearance in the public domain of files from the Google cloud storage does not look anything impressive. After all, even the employees of the American company themselves said that any documents from Google Docs can be indexed by search engines. But there is one caveat - in order for a file to appear in search results, an external link must be published on open resources.

However, if you did not post a link to your files and did not even deal with the privacy settings of the cloud storage, then none of the search engines have the right to show your personal data. That is, you cannot just enter “docs.google.com.” Into the search, add the desired word, for example, “passwords”, and get the necessary information from user archives. But this is precisely the situation that took place on July 4, which, of course, makes the Yandex administration ask certain questions.

Yandex suddenly started indexing files with open access at https://t.co/yBNfiItHZx. The hole has already been closed, but the most perspicacious managed to keep the numbers of governors, tables with lists of moths and tables with prices of popular bloggers. pic.twitter.com/UpFxXOXtWa

- WylsacomRED (@WylsacomRed) July 4, 2018

On the same day that users discovered their files were leaking, they decided to check other search engines. Maybe it’s not Yandex’s fault, but in general a widespread problem on the Internet and it’s high time to panic? In fact, there is no reason to worry, as enthusiasts tried to find Google Docs files in other search engines using the same links, but all searches were unsuccessful.

The probable cause of the leak is the Yandex. Browser "

In 2015, Yandex became involved in another unpleasant story. A note appeared on the Habr resource that links began to appear in search results that the user clicked on or exchanged through the Yandex mail service. It turned out that the whole fault was the browser algorithm, which indexed all the links that the user clicked on.

It doesn't matter how private the link was, the robot automatically repeated all the actions of Yandex. Browser ”and went even to those addresses to which passwords were previously set. To Yandex's credit, then there was no mass leak of confidential information, and the company's employees themselves admitted the mistake and reported on its elimination. But returning to today's topic with Google Docs, the question arises whether the excessive "curiosity" of the Yandex robot has actually been eliminated and whether it has become the cause of the recent scandal?

Your boss, manager and CEO save passwords in an open google document. Oil on canvas, July 2018 (https://t.co/aNzrWJEYpP) pic.twitter.com/Qq0UgJerT3

- Tatyana Korovkina (@shevagro) July 4, 2018

Well, it's time to get the opinion of Yandex representatives.

Yandex's reaction to the Google Docs data breach

According to the official comments of the USA company, it becomes clear that if anyone should be blamed for the leak, it is the users of Google's cloud storage themselves. After all, they did not put down the privacy settings and did not block unauthorized access to files. But again, this can hardly be called an excuse, since regardless of the settings, links to Google Docs documents should not be displayed in the search engine if users did not post public links to them.

According to the Yandex technical service, search engines show in the search results only those Internet pages that are specified in the robots.txt document. It is in this document that there is an instruction for search engines indicating the list of pages that need to be indexed. And Google Docs is also governed by robots.txt, which mentions that Yandex can index pages in Google's repository.

But he cannot read the contents of the files and distribute their address in the search engine, unless, of course, the user has not previously left public links to his documents on the Internet. So the question of how confidential documents appeared on the network remains open. Note that within a few hours after the first complaints from users, Yandex corrected the error, but on July 5, Rospotrebnadzor asked Yandex for detailed explanations of the reasons for the leak. So the epic with Yandex and Google Docs is just beginning, and we will follow the development of the situation.

How to protect your Google Docs documents from outsiders

Despite the normalization of the situation, it will not be superfluous to take care of the privacy settings of your documents. No one guarantees that leaks will not occur in the future. Plus, restricting access to documents in Google Docs is just a few clicks away.

Go to any document, click on "Access settings" and in "Sharing" select the option "OFF".

For additional protection of your data, we recommend installing one of the trusted antivirus programs.

The Topic of Article: How in SERP .
Author: Jake Pinkman