Tell HN: Google Cloud lets anyone add you to a project without your permission

303 points by Ephil012 ↗ HN
Recently, a company in Kenya (which I have never heard or nor have any association with) added me to their Google Cloud project without my permission. At first, I thought I had mistakenly accepted an invite to their project. However, I swore that wasn’t the case. To test my theory, I tried creating an empty project and invited my other Google account to it. I discovered that Google Cloud lets you add ANY individual or company email (even at companies you aren't affiliated with) to a project without getting their permission or notifying them. Google doesn’t even send an email asking you to accept the invitation. It just adds you automatically without telling you. The end result is you can quite literally just type in any Google Cloud account (including accounts at companies you don't work at) and associate it with your project without them ever knowing.

The worst part is that you can’t leave the project after you’re added. Google requires the project owner remove you. They provide no way to remove yourself. I’ve tried contacting the company that added me but they’ve not responded to my requests.

I also tried contacting Google support and they’ve been less than helpful. At first, they thought that my account was hacked. I pointed out that this was not due to a hack, but due to Google’s faulty invite system. They responded back and said they didn’t see any association between my email and the project. So they listed the case as resolved and said they couldn’t discuss any further details about the project. This is despite the fact the unwanted project still appears on my GCP dashboard. I suspect they didn’t see any association because they were just checking the projects owned by my account and not checking projects I’ve been added to.

This whole situation seems like a recipe for unwanted spam since you can be added to projects without permission and can’t ever remove yourself. My biggest fear is if that company uses the project to do something malicious then my account might be banned by association. This could also be used in other ways. E.G. you could flood a competing startup's cloud dashboard with hundreds of bogus projects. You could even use it to get someone in trouble by adding them to a project that's doing illegal stuff (e.g. hosting illegal content). If this was limited to adding people within your GCP/GSuite this would be a minor issue because I doubt your coworker is going to use GCP to spam you / get you in trouble. However, the ability to add anyone and everyone outside of your GCP/GSuite makes this a huge issue in terms of spam / safety. Overall, this is a major oversight on Google’s side and is a huge security, privacy, and spam risk.

To date, I’ve still been unable to get any help from Google to resolve this issue. If there’s any Googlers willing to help, I would be extremely grateful.

129 comments

[ 3.1 ms ] story [ 177 ms ] thread
Idea: (never used Google Cloud, no idea of possible impediments)

1. Create throwaway account

2. Create throwaway project using throwaway account

3. Find emails of possible Googlers using public bug tracker

4. Add Googlers' emails to throwaway project

5. Post messages to throwaway project describing the problem

6. Hopefully Googlers understand the issue and can forward the issue to get it resolved

(comment deleted)
7. Throwaway Google account gets locked for ToS (adding people without their permission)

8. Associated real Google accounts get locked for being associated with throwaway (unless you have really good OpSec)

Might be worth a post on their bug bounty program though, assuming GCP is in scope https://bughunters.google.com/

That’s a great idea. I’ll try reporting it on their bug bounty

Edit: Reported it

Idea:

1. Create a throwaway account.

2. Add a bunch of professional developers' at big companies email addresses to the account. Just shoot in the dark: johnanderson@google.com, mikejohnson@airbnb.com, wandamaximov@apple.com, throw in a couple common email aliases as well like developers@twitter.com or mobileteam@airbnb.com

3. Publish a bunch of apps to the play store which clearly breaks their app store policies

4. Google has been known to automatically network-ban associated accounts and their play store apps if a play store account is found in violation of their policies.

I'm sure this isn't a serious suggestion anyways... but if you were going to be malicious like this you ought to not include google.com accounts. They're likely treated differently.

Also, harvesting actual emails from github is really easy.

Actually, add @apple.com emails. They are a large GCP customer for iCloud.

You could potentially bring down iCloud.

You joke but this won't actually work as the GCP dashboard is already useless for Googlers as it often doesn't even load due to the sheer volume of projects.
(comment deleted)
Future HN post: Can being added to a project be defamatory?

(Maximum fun when you sue your own employer.)

Sure feels like it could be:

Project name: bob-does-[unsavory thing]

Adds Bob to project

I am not even sure what all the fuss is about. AWS IAM has the exact same “issue” where an IAM principal can be allowed to access a resource without asking the party in question.

This model is used because otherwise providing permissions becomes extremely difficult, and users are more likely to throw away the entire concept and settle for one common set of credentials for all users across the project (in the form of a common Google account in case of GCP, or the root user credentials in AWS.)

This is not the issue.
The issue is different from this. Allowing someone within a company to access a resource without asking them is not as big of a deal. The issue here is people outside your company can add you to projects without consent.

Imagine you're a malicious actor and want to spam some company's Google Cloud Dashboard. You could just create a 100 different projects and add the company's users to those projects automatically, even though you're not part of that company. Those projects can never be removed or deleted from the dashboard. So every user at the company you're trying to spam can never get rid of it (without Google support intervening maybe).

Or let's say you're a malicious actor trying to get someone in trouble. You could create a Google account and hide all traces of who created it. Then you could just create a project doing something illegal (e.g. hosting illegal content) and then add someone to the project. When the authorities find out about the project, the person you're targeting will get investigated for hosting illegal content.

> The issue here is people outside your company can add you to projects without consent.

Same for AWS, granting an identity in another account access to resources in your own AWS project also requires no approval on the other side. The issue you seem to have with Google is that it's verbose about showing everything you have access to.

As for the company scenario, this is effectively not an issue for Google Workspace-enabled domains since your default project list shows projects under your domain (if you're not parented to gmail.com).

I saw another comment which said this wasn't quite the case. https://news.ycombinator.com/item?id=34193624

Even if it is the case, it is still an issue because it can be used for abuse. If you wanted to pin abuse on someone you just need to add them to the project doing something illegal. Google tends to be trigger happy about banning so it could affect someone. I bet there are avenues for companies to deal with a situation like this, but it still affects individuals which is a big problem. Especially if your personal account gets banned.

I'd also argue that it's a spam issue for companies (albeit less than it is for individuals). You may not see it by default for companies, but it will still appear in some lists throughout the UI probably.

I think honestly both AWS / GCP should ask for permission to be invited when you're adding someone outside your company.

(comment deleted)
I guess in addition to spam, there’s the risk of getting your Google account associated to some shady project.

This should not cause any trouble, but sometimes Google’s algoritms can be ”trigger happy” when trying to stop abuse.

> AWS IAM has the exact same “issue” where an IAM principal can be allowed to access a resource without asking the party in question.

This is not correct. This would only work if the resource is in the same AWS account.

For cross account access, both the principal and the resource need to allow each other.

See: https://aws.amazon.com/premiumsupport/knowledge-center/cross...

Technically, but this is more about how 'Account B Admin' must define who (user/principal) can access the resources Account A has already given Account B access to. The difference I see here is that it's not an invite system; Account A does not notify Account B of its new permissions when it grants them, and Account A is not notified when Account B's administrator has defined an access policy for those resources.
I think the concern is less technical and more policy.

I might be able to sts:AssumeRole to any number of roles created by bad cloud engineers that allowed my account instead of another. But - ignoring that it requires exceptional luck to find the right account/role pair - it takes explicit action on my part to move into their account. At the end of the day, I exchange my credentials for those in another account, and that action is logged in my account, theirs, and with AWS.

The concern here is this sharing happens without me doing anything. What happens if I get added to an account whose admin cries foul to Google? Or if their account is flagged for violating GCP terms? Given Google’s history, I’d be worried too.

Google in general has become far more loose on spam, from spam emails now showing on my Google calendar, to being added to projects where I cannot remove myself. They open up quite a lot of security holes and seem not be taking it seriously at all. I feel like this year for me has been some of the worst in a while. The amount of stuff I report everyday is considerable. I've been added to other drives in the past just you and I'm trying to find out how to move away from Google because of this issue. They are too big to care, but I've seen other platforms open up unfortunately it's hard to get away from the convenience of Google. Personally I think if you can move your stuff and create a backup account somewhere else it's probably a good idea too.
For personal stuff, it is daunting but degoogling is definitely sustainable. I have been unsuccessful getting every person to contact me on my new email no matter how many times I remind them though. There are great ecosystems out there for contacts, maps, storage, whatever, that don't rely on google, and if the spam bothers you, I recommend giving it a go for awhile to see. Change the email last though in case you decide not to make the change so you don't have to tell people twice to change their contact for you. For the people who don't change their contact for you, you can make a quick filter in gmail to forward mail from them to your new email, respond from that, and maybe they'll change your contact someday.

Also if you don't want to completely degoogle but just want to rid yourself of some of the spam, you can use services from other ecosystems, as part of a suite, and connect the email from that suite to a google account, so you can still use googles' services and the other suites' services. Then when randos add you to things like spam in your calendar, you won't actually see it because you are using a calendar from a different suite.

Just add larry@google.com to a GCP server churning out “inappropriate” Stable Diffusion images. The bug will be solved in no time at all.
(comment deleted)
Or google’s staff simply removes the association and suspend you.
Yes it’s relatively well known that gcp allows to assign random iam permissions to any service accounts, users and groups that exist within globally scoped gcp/gsuite domains with no way to restrict this by the recipients
Yeah, the big issue though is you can add people outside your company. Not just within your gsuite. Adding within the gsuite is not as big of the deal, but the ability to add anyone outside your company is a big issue because it enables mass spam
Yeah the thing is gcp account does not imply one-to-one mapping to gsuite domain. There are perfectly valid use cases for having multiple projects granting iam roles to multiple gsuite domains
Yeah true, but even with multiple domains I’d consider that within your company (as long as those domains are all owned by the company). If it’s outside your company (e.g. maybe your company is working with another company) then there should be some sort of mechanism to accept/decline invites
Google builds this spam-enabling mechanism into all of their products; Drive, Photos, Calendar, Google accounts themselves, etc.
My experience with AWS support is that they ask you if your issue has been resolved, and then let you close the ticket.

But it sounds like GCP just closes the ticket for you if the support guy think it's not an issue, even if you disagree, there's no conversation to be had?

TIL google had support tickets, I thought they largely didn't communicate with their client base
For most reasonable definitions of “communicate”, that is accurate.
They don't except for certain products. Google Cloud has a paid support plan. The free tier only lets you file tickets for billing issues. I ended up just filing this ticket as a billing ticket even though it's really not
Yeah I had similar experiences with GCP support a couple of years ago when I discovered that killing a k8s cluster takes hours. My issue was technically related to billing since I was getting billed for GPU VMs the whole time, but their free support was completely useless. They probably exist only to meet some checkbox requirement for accepting credit card payments
AWS will auto close a ticket after no response / activity for multiple weeks. That’s only after many, many warnings.
The guy said the ticket was resolved multiple times, but then I just responded again. He'd respond back with some unhelpful answer then say at the end "this issue is resolved"
This is accurate. I have a project that I don’t recognize stuck on my Console as well.
Can you do anything annoying but harmless in the project?
I don't know about their case, but in my case I can only view the project, but can't modify it.
I never had a good time with google Support ( not just gcp)

One time I sent a trade in device which usps confirmed as delivered to google , google store said that it was just an empty box and no phone was inside …

After fighting tooth and nail , I lost the case with google support because I didn’t film Myself putting the phone inside the box , only to notice few months later that the phone did reach in and they credited me with google credits ( for original trade in value)

Next time just charge them back with your credit card
This tends to be a terrible idea, unless you really just want to nuke your Google account.

(Googler, opinions are my own. I work on payments.)

This is consistent with a recent posting by a non-Googler.
Over the past serval months I realized with certainty that I should never use my personal Gmail account for any other Google services.

Gmail is Gmail only, for everything else create separate Google accounts you are not afraid to lose.

That's not good enough, they relate multiple accounts too, sometimes incorrectly.

IIRC a company got their project booted from the play store, because one of the developers accounts got a black mark.

I don’t think Google will resort to matching my accounts by IP address or some fingerprinting technique.

In any case, I am in the process of migrating off Gmail too, it just takes a lot of effort. But to your point, I should probably also download all my gmail data and archive it just in case.

Google Takeout is actually reasonably robust. I create/download one of those fairly regularly.
Not a googler, but: this is absolutely right.

Chargebacks are the mutually assured destruction of banking. There’s nothing wrong with firing a nuclear weapon if you truly feel it’s in your best interests; if you do, expect that your adversary will respond in kind and terminate all business with you now and in the future.

Sometimes that’s the right move, sometimes it’s not, just go into it with eyes open.

If you have a billing agreement in place with a company, doing a chargeback is just nullifying a payment. The balance can still be sent to collections.
Very possibly. If that happens, on the one hand, you’ll definitely escape algorithmic support - you’ll be in a world where people have to listen. On the other, they’ll only respond to certified mail.

I doubt Google would send anyone to collections in these circumstances. But - Careful what you wish for!

Since you might know - as I've seen the references on social media for this exact occurrence - is this referenced somewhere in T&Cs?
I'm in a layer that just gathers chargeback signals and passes them off to other teams. I have effectively no insight to how the signals are used for your payment profile and your Google account overall. I mainly just pay attention to people issuing their chargeback against Google, and then posting about it on the internet and the fallout they see.

Also, if you see charges from Google on one of your cards but wasn't on your profile, I recommend following this guide: https://support.google.com/googleplay/answer/2851610?hl=en

Just realize that’s the end of your google relationship. Same with steam, Sony etc. some pretty horrific stories of people losing access to everything- email, fi phone service, google play services on their phone.

Plenty of these stories:

https://www.reddit.com/r/tifu/comments/zndbku/tifu_by_accide...

I’ve heard people following this advice really regret it because they don’t realize how much ties to google. Please make sure folks you are advising understand this.

There was a recent thread here about how chargebacks generally cause companies to delete your accounts and deny you access forever without any way to appeal.
I am on a personal gmail so I can't test this myself. However, I suspect it might not prevent it. The feature you linked seems to just allow you restrict domains that projects within your org can be shared with. The issue is not that you're sharing projects with someone else, but that they're sharing projects with you. So in that case, this feature would do nothing to block that as far as I can tell. That is unless they add the ability to block someone outside sharing stuff with you (which I did not see any mention of after a quick skim of the link you posted).
No, as this is at the granting org level - so the org owner may restrict it to their domain and anyone under it won't be able to assign privileges to an identity from a random domain, but that's not what this is about - If I own the org and project I can opt to not restrict the domains and invite anyone.

However IIRC Owner Role grants require email invite acceptance, just not sure if that's policy driven as well - https://issuetracker.google.com/issues/111843590?pli=1

If a GCP project hosted child porn. And the project admin added you as a co-owner to said project. Would you be legally be at fault or implicated?
(comment deleted)
No, because thank goodness the law is not executed by automatons, it is a system of humans with human brains.
Brains that may be vulnerable to political deceptions, biases, and prejudices. I can think of some countries where government, police, and judiciary seem to conspire regularly to implicate critics.
Ironically for that reason I'd expect that maybe after a lengthy investigation you'd be free, but you 100% would have your life majorly complicated along the way.

I unfortunately can't imagine a world in which someone non-technical doesn't just get a list of emails associated with a project and all of them get rounded up by their local PDs.

I've never understood why in so many situations like this, there's no capability to remove yourself.
A company without customer support is incentivizing everyone to blare every single problem to the largest possible audience. The overall impression is that the company's products are unpleasant and dysfunctional. It's the opposite of advertising. Is not having support really worth the damage this causes to a brand?

That said, many people treat support so badly that offering it may be worth avoiding on principle.

> Is not having support really worth the damage this causes to a brand?

Once you reach a certain size the reputation of your brand is almost meaningless. Some of the largest and most successful companies around are almost universally hated and have terrible reputations. Those companies don't care and they continue to make unpopular decisions and actively screw over their customers and their employees all while pulling in record profits.

Maybe your confounding "large company" with monopoly or duopoly?

Can you give examples of large companies with more than 1 competitor who get away with treating customers badly in the long run?

Google cloud is a distant third in the cloud space. So claiming they are a monopoly is frankly pretty ridiculous.
I think we agree then don't we?

Google Cloud has competition, people dislike them because of their lack of support, thus they are a distant third and likely NOT getting away with it in the long run?

Bravo, you've built the perfect circular argument.
Depends on your definition of monopoly I guess. AT&T, Amazon, Comcast, Google, Paypal, Exxon, Microsoft, Philip Morris, DuPont, Facebook, Monsanto, Electronic Arts, and United Airlines are all very much hated and there are "alternatives" and "competitors" enough that they aren't illegal monopolies under our current and admittedly broken laws (although some of them have been in trouble previously)
Some of those are not hated by their “customers” to be fair - but a decent number are. And the vast majority of people don’t have “much issue” so they keep plugging along.
Amazon support is better and AWS makes more money. It's worth it.
GCP has paid support, it starts at around $30/month and gets you an assigned human within 4 hours or something.
Yeah, which really sucks if you don't want to shell out that money. I don't have paid support and had to go through their billing support line (the only support line they offer for non paid customers)
If this seems like a project that this other company actually uses for anything important, you could start doing things like deleting random cloud resources, like compute instances, storage buckets, etc. (I guess it depends on what permissions they granted your account, though.) That'll definitely get their attention, since they seem to be ignoring your emails.

There's risk, though, whenever you do something that looks malicious: your account might get suspended. Also not sure if you could be legally liable for anything bad you do.

> There's risk, though, whenever you do something that looks malicious: your account might get suspended.

I wonder what happens to your personal and unrelated Google account if the project manages to get itself suspended.

I bet this could be weaponized fairly effectively - add a bunch of Google insiders to a project and get it noticed by an automated enforcement system. Turn the labyrinth against itself.

In my case, I can’t even do that. They added me but with view only permissions. Plus I don’t want to do it as it’s unethical
If you have their email address, perhaps you could add events to their google calendar reminding them to remove you. A quick search of linked-in might give you other staff members, and you could repeat the effort.
(comment deleted)
cant you look for alternative products? or if there arent any, make them yourself?
Same goes for Google documents. Sharing docs or spreadsheets with malicious content is common. It's frustrating that Google doesn't lock that down.
Can you reproduce and send it into a bug bounty program?
I already submitted it as a bug bounty after another comment suggested it
Years ago someone reported this about GitHub projects as well. If I recall correctly, working as intended was the response.
In response to those complaints GitHub now requires you to accept the invitation before you're added. And it always sent an email notification and allowed you to leave voluntarily.
I open a ticket exactly 6 years and 1 day ago regarding exactly this same issue: https://issuetracker.google.com/issues/35903415?pli=1 . Guess that they will never fix it.
This is what I don’t get about google. I was all in on their ecosystem but then things like google speakers not working with google work calendars despite thousands of requests for 5 plus years. Meanwhile Amazon added feature to echo quickly. Then stuff like this, they just do not care / have any kind of a customer focus
What I don't get is people that keep signing up to Google services or hosting their apps on Google Cloud.

Of all the software vendors out there, Google is the last one I'd use, and I certainly wouldn't rely them to run my business.

(comment deleted)
(comment deleted)
Can't get a promo for stuff like that. A version of Goodhart's law.
Should have built a new messaging app...
Perhaps they need what Rory Sutherland called a Chief Detail Officer. Everyone is preoccupied by issues that are roughly the size of their team and budget. Few people are concerned by the little things that make or break a user's experience.
(comment deleted)
This is what operations is supposed to do.

... on the other hand not firing people for negligence is how you build a moat, and pump the stock.

Seriously though. They push asking your Home "what's on my calendar today" with their tips, so I try it, and... wait why is there nothing on my calendar? Even though our Workspace settings are specifically set to allow Assistant access.
What’s funny is echo from Amazon works great for your google workspace account! Google has improved the situation but for like 6 years the mind boggled - so busy chasing big ai stuff, so little attention to customer stuff - the threads on this were thousands long - and that’s just the folks who could even figure out where to complain. And google workspace users are PAYING!!

I pay for dev support on aws and have had good support on Amazon retail as well. They can actually solve issues. I think Amazon retail credited me a very expensive purchase not because they could see the screwup their side but could understand what might have happened and maybe looked at my insanely long purchase history with virtually no returns and just made a call on the issue. Aws dev support should stick to scope - I do think some folks get way outside AWS specific stuff and into user solution configuration error stuff

Yep... This is incredibly frustrating and literally they do not care about fixing it.