#BugAlert: Anyone can manipulate Google's search results, spread fake news
The vulnerability pertains to the 'knowledge graph' that Google shows for providing quick/relevant info on search queries, like for a popular personality or a place.
Turns out, the same card can be used to fool people.
First up, here's what you should know about 'knowledge graph'
Knowledge graph is that part of Google search which we see on the right side after looking up for a particular query.
It contains quick facts and information related to topics/questions and eliminates the need of scrolling down and opening added websites at times.
From popular personalities to planets and places, Google shows a knowledge graph card for almost everything.
But, this card can be displayed for other, unrelated queries
While knowledge graph is handy for getting quick info, Wietze Beukema, a London-based security specialist, has highlighted a major bug in it.
The researcher has shown that the graph from one particular query can be taken and displayed for a completely different, unrelated topic.
Love Tech news?
Stay updated with the latest happenings.
Yes, notify Me
How is this possible?
As the researcher explained, the issue stems from the shareable short URL of these cards.
When entered in search, the short URL gives unique identifiers for the fact card, which can be taken and added into any regular search result URL to manipulate it.
We were able to verify the bug and generate several weird results, including one saying Ranveer Singh is US President.
Now, this is a major problem
So, if we can make Ranveer Singh US President, anybody can use this fact card to manipulate search results the way they want.
This can be a serious root of spreading misinformation directly through Google, which almost everybody uses for looking up for everything.
Not to mention, almost every one of us relies on this fact card for quick information.
What Google is doing about this?
The issue was highlighted back in 2017 by the researchers but has not been fixed yet. Google responded on the matter by telling TechCrunch that it is working on a fix, but has not provided any details on when it might roll out.