Handling the circulation of fake news is one of the hottest issues that companies like Facebook, Google and Twitter are dealing with these days. However, Google has failed to patch a security bug that was uncovered long ago and could make it the mouthpiece of fake news and misinformation.
The bug could be exploited by anyone to manipulate search results and use for ill-intended purposes. Wietze Beukema, a London-based security analyst, published a blog post titled “Spoofing Google Search Results” where he described how “knowledge graph” could be modified and appended into different search queries.
Google Knowledge Graph is a snippet box displayed in the search results where the search giant displays quick information related to a query searched by a user. Knowledge Graph usually appears on the right side of the search results.
By clicking on the share button in the snippet, a short URL can be obtained which contains a unique knowledge graph ID. This &kgmid parameter could be added into web address of a search query to display a knowledge graph in any search result.
For example, you can display Kim Jong-Un’s photo under the search query “Who is the president of the US?”
Beukema also explained: “Google also offers a way to view the Knowledge Graph card in isolation and omit the search results. By adding the
&kponly parameter to the URL: the Knowledge Graph card is no longer a side panel, but has moved to where you would normally see the search results.”
We tried to test the bug and here are some results —
Apart from the jokes, the vulnerability could be used to spread fake information which is a worrying factor. Moreover, you can share the link on Twitter, Facebook, email, and WhatsApp as the bug does not break the HTTP link. The recipient would not see anything wrong with the URL when shared and would assume the search result to be true.
This is not a new bug as it was first reported to Google in December 2017 and the company failed to take any action.
Talking to TechCrunch, a Google spokesperson said that the company is “working to fix” the bug, but it was still persistent at the time of writing.
With incessant blame on Google for displaying politically biased results, the bug could be exploited in ways enough to start a world war. I hope that Google would fix this bug before it reaches the hands of propaganda spreading agents.