Security software creator BitDefender has found a second privacy flaw in new social media website Google+.
The news comes on the same day it was announced that Google+ will not allow any more invites due to ‘insane’ interest.
Alexandru Catalin Cosoi, head of the BitDefender online threats lab, said: “The Financial Times already reported on the important privacy issue regarding the reshare feature that cannot be disabled by default, and this related flaw presents similar problems.
“One of the main features of Google+ is Circles, the possibility to easily share the right content to the right people. However, once the content has been shared to a Circle, anyone can share it by default to other Circles. It boils down to the fact that the tagging feature can be bypassed by using the reshare option.
“Let's say user “A” shares a picture only to their “Close Friends” circle, and disables resharing. All it takes is for someone from that "Close friend" circle to tag a person from outside this circle in the picture. Once this has been done, that person can share the picture to anyone, in any way.
“Whilst it's true that once someone has access to a picture they can save it and redistribute it, the concern here is that Google+ is promoting Circles as a way to be selective about how you share content, yet accidental and even deliberate sharing to other Circles is all too easy to do. Let’s not forget, if it happened to Bono, it can happen to anyone.”