The Ubuntu online forums have been hacked

The Ubuntu online forums have been hacked, and data belonging to over 2 Million users have been compromised, Canonical just announced.

The compromised users’ data include their IP addresses, usernames, and email addresses, according to the company, who failed to apply a patch to secure its users' data.

"There has been a security breach on the Ubuntu Forums site," Jane Silber, Chief Executive Officer at Canonical wrote in a blog post. "We take information security and user privacy very seriously, follow a strict set of security practices and this incident has triggered a thorough investigation."

"Corrective action has been taken, and full service of the Forums has been restored. In the interest of transparency, we’d like to share the details of the breach and what steps have been taken. We apologize for the breach and ensuing inconvenience."

After deeply investigating the incident, the company came to know that it left a known SQLi (SQL injection) vulnerability unpatched in the Forumrunner add-on in its Forums that exposed its users data.

The SQL injection (SQLi) attack is an attack used to inject malicious SQL commands (malicious payloads) through the input data from the client to the application in order to breach the database and get access to the user's personal data.
 
The vulnerability is one of the oldest, but most powerful and most dangerous flaw that could affect any website or web application that uses an SQL-based database.

According to Silber, here’s what the attackers were able to access:

1. The attackers were able to inject formatted SQL to the Forums database on the Forums database servers, which gave them access to read from any table.
2. The attackers then used the above access to download portions of the ‘user’ table containing usernames, email addresses, and IP addresses for 2 Million users.

Since the passwords stored in this table were random strings (which were Hashed and Salted) as the Ubuntu Forums rely on Ubuntu Single Sign On for logins, the company said that no active passwords were accessed by the attackers.

Cleanup

• We backed up the servers running vBulletin, and then wiped them clean and rebuilt them from the ground up.
• We brought vBulletin up to the latest patch level.
• We reset all system and database passwords.

Hardening

• We’ve installed ModSecurity, a Web Application Firewall, to help prevent similar attacks in the future.
• We’ve improved our monitoring of vBulletin to ensure that security patches are applied promptly.

However, users should keep in mind that the hack did not affect the Ubuntu operating system, or it was not due to a vulnerability or weakness in the OS.


source: insights.ubuntu.com

Read More

IDM Version 6.25 Build 23 Full Update + Patch is available (Jul/12/2016)

Internet Download Manager aka IDM developers release a new build of  their well-known Download Accelerator. IDM supports the following web browsers: Internet Explorer, Opera, Netscape Navigator, Apple Safari, Flock, Google Chrome, Mozilla Firefox, and many others.


Version 6.25 Build 23 Final is available (Jul/12/2016)


What's new in version 6.25 Build 23? 
- Fixed problem with video recognition for several video types
- Fixed bugs

What's new in version 6.25 Build 22?
- Fixed problem with erroneous interceptions of video data
- Improved video recognition in web players
- Fixed bugs

What's new in version 6.25 Build 21?
- Added support for Firefox 48
- Fixed problems with video recognition for several types of web sites
- Fixed problems with taking over some types of downloads in Firefox
- Fixed bugs

What's new in version 6.25 Build 20?
- Fixed critical bugs
What's new in version 6.25 Builds 2-19?
- Improved Google Chrome integration module
- Added support for Firefox 47
- Added support for Firefox 46
- Added support for Firefox 45
- Fixed problems with video recognition for several types of web sites
- Added support for Firefox 44
- Added support for new types of videos for several web streaming services
- Made a workaround and fixed compatibility problems of previous.
  IDM version (6.25.5) with Kaspersky Internet security on Windows 10
- Improved video recognition in Google Chrome on Windows XP
- Added support for Firefox 43 and SeaMonkey 2.39, 2.40, 2.41
- Lowered CPU consumption
- Fixed bugs
 

Features:
IDM downloading a file

•     Divides downloads into multiple streams for faster downloading
•     Batch downloads
•     Import/Export download jobs
•     Auto/manual updating of download address
•     Multiple queues
•     Recent downloads list for easy access to directories
•     Video downloading from streaming video sites.[2]
•     Dynamic segmentation throughout the downloading process.[3]
•     Protocols: HTTP, FTP, HTTPS, MMS[4] and Microsoft ISA
•     Authentication protocols: Basic, Negotiate, NTLM, and Kerberos allowing for storage and auto-authentication of user names and passwords.

How to Use ?
---------------------------------------
1. Close IDM on Taskbar, Install idmupdt.exe this will update your IDM Automatic, NO Need to restart your computer!!

2. After Finish it will pop out "Fake Serial" close and ignore everything
in short Close!!

3. Copy IDMan.exe and IDMGrHlp.exe from Crack Files Folder  to IDM installation path ( ex : C:\Program Files\Internet Download Manager or  C:\Program Files (x86)\Internet Download Manager\ )

4. Run Activate.reg file

5. Launch IDM

6. Done !

NOTE: This manual method activation is not generic, means these files can be used to activate IDM 6.25 build Final 22 only.

(Google Drive  download link might contain ads please disabled your adblock skip ads in 5 second to redirect to the link )

Google Drive

Read More

Samsung's 4TB Internal SSD with capacity and speed to replace hard drive

Samsung may have finally delivered a no-compromise option, however. It's introducing a 4TB version of the 850 Evo that, in many cases, could easily replace a reasonably large hard drive. While it's not the absolute fastest option (the SATA drive is capped at 540MB/s sequential reads and 520MB/s writes), it beats having to resort to a secondary hard drive just to make space for your Steam game library.

Of course, there's a catch: the price. The 4TB 850 Evo will set you back a whopping $1,500 in the US, so it's largely reserved for pros and well-heeled enthusiasts who refuse to settle for rotating storage. Suddenly, the $700 2TB model seems like a bargain. 

Even if the 4TB version is priced into the stratosphere, though, it's a good sign that SSDs are turning a corner in terms of viability. It might not be long before high-capacity SSDs are inexpensive enough that you won't have to make any major sacrifices to put one in your PC.

For comparison, the current 2TB 850 EVO sells for $644 on Amazon, so that price seems in-line.  

Read More

Facebook, Twitter and YouTube blocked in Turkey during coup attempt

The Turkish military has deployed in Istanbul and Ankara, and the government has apparently blocked social media in response to what is being reported as an attempted coup.

Turkey Blocks, a Twitter account that regularly checks if sites are being blocked in the country, reported at 11:04 PM Istanbul time that Facebook, Twitter and YouTube were all unresponsive, though Instagram and Vimeo remained available. Access was restored after about an hour-and-a-half, according to the research agency Dyn Research.

Some residents of Turkey appeared able to access social media, likely via a VPN or some other anonymizing service. Anyone affected might want to try Tor Browser for Windows and Mac OS or Orbot for Android.

Mean while  UN condemning countries that intentionally disrupt citizens' internet access.

UN's previous statements on digital rights, reaffirming the organization's stance that "the same rights people have offline must also be protected online," in particular the freedom of expression covered under article 19 of the Universal Declaration of Human Rights.

The resolution was passed by consensus last Friday, but was opposed by a minority of authoritarian regimes including Russia, China, and Saudi Arabia, as well as democracies like South Africa and India. These nations called for the UN to delete a passage in the resolution that "condemns unequivocally measures to intentionally prevent or disrupt access to our dissemination of information online."

Read More

Las Pinas self-proclaimed international hacker nabbed for credit card fraud, link to drug trade

The National Bureau of Investigation (NBI) has arrested a self-proclaimed international hacker for credit card fraud and his involvement in illegal drugs trade in Las Piñas.

NBI’s Anti-Illegal Drugs Division (NBI-AIDD) nabbed Edgar D. Silvano Jr. alias Boy Tattoo last Wednesday in a raid conducted at Unit 404 Hanalie Building Ohana Place Residence, Barangay  Almanza Uno in Las Piñas.

NBI-AIDD chief Joel Tovera said their search warrant was for drugs but when they conducted the raid, they discovered that Silvano was also involved in credit card fraud.

 
The search yielded two transparent bags and assorted paraphernalias. However, examination results showed that only the two plastic tooters and two improvised glass pipes tested positive for shabu.

Aside from the drug paraphernalia, the NBI also seized hundreds of credit cards with different names, bank books, several laptops, computers and skimming device used to steal a card’s information. An NBI video of the arrest showed the discovery of several HSBC, Metrobank, Bank of the Philippine Islands, American Express, Banco de Oro credit cards, among others, inside Silvano’s unit.

When questioned about the cards, Silvano said in the video: “I want to see the expiry date… I want to know how to crack it.”

He is stealing information using a skimming device and then he would print the stolen information onto blank cards,” Lavin said.

Tovera said the NBI was checking if Silvano had also hacked into online shopping web sites to get their clients’ data.
The convict’s laptops and other gadgets are being subjected to forensic examination by the NBI cybercrime division, Lavin said.


The NBI said Silvano was a member of an underground group called “Oneball.” After leaving the group, he established his own IRC Channel “#.ph” in DalNet.server.

He was convicted in HongKong of hacking confidential data of HSBC Bank but was allowed to go on probation.
Tovera said they are already coordinating with their counterparts in Hong Kong to get the details of Silvano’s previous case. RAM/rga

source: inquirer.net

Read More

DARPA Cyber Grand Challenge - WIN $2 Million Create Automated Hacking System

DARPA has come up with an idea: To build a smart Artificial Intelligence System that will automatically detect and even patch security flaws in a system.

The Defense Advanced Research Projects Agency (DARPA) has selected seven teams of finalists who will face off in a historic battle, as each tries to defend themselves and find out flaws without any human control.

The DARPA Cyber Grand Challenge will be held at the annual DEF CON hacking conference in Las Vegas next month.

The winner team will be awarded a prize money of $2 Million for building a system that can not only detect vulnerabilities but also write its own patches and deploy them without crashing.

The CGC aims to make this issue much easier, building a system that can sniff out software vulnerabilities and fix them within minutes, or even seconds, automatically.

For Cyber Grand Challenge, the seven teams of finalists will be given a DARPA-constructed computer powered by a thousand Intel Xeon processor cores and 16TB (terabytes) of RAM.

Each team has the task to program their machine with a "cyber reasoning system" that will be able to recognize and understand previously-undisclosed software, detect its flaws, and fix them without human intervention.

"Cyber Grand Challenge [CGC] is about bringing autonomy to the cyber domain," CGC program manager Mike Walker said in a conference call Wednesday. "What we hope to see is proof that the entire security lifecycle can be automated."

Walker said software bugs go undetected for an average of 312 days, which hackers can often exploit. In fact, even after detecting the flaws, the human takes much time to understand the bugs, develop patches, and then release them to the broader community.

The contest will be held at 5 pm on August 4 for over 10 hours in the Paris hotel ballroom in Las Vegas. The first winner team will take home $2 Million in prize money, while the second and third winner will get $1 Million and $750,000, respectively.

Moreover, once the challenge starts, the teams will not be able to jump on their machine's keyboards and do anything more.


The cyber reasoning systems will be networked in such a way that the teams can also examine their competitors' systems for issues, but can't actually hack them, and get extra points if they are able to generate automatically proof-of-concept (POC) exploits for flaws found in their opponents.

After the competition, all the teams' code, along with DARPA's own test code, will be made available online under an open-source license.

Read More

Critical Print Spooler Bug allows Attackers to Hack any version of Microsoft Windows via print server

Microsoft's July Patch Tuesday offers 11 security bulletins with six rated critical resolving almost 50 security holes in its software.

The company has patched a security flaw in the Windows Print Spooler service that affects all supported versions of Windows ever released, which if exploited could allow an attacker to take over a device via a simple mechanism.

The "critical" flaw (CVE-2016-3238) actually resides in the way Windows handles printer driver installations as well as the way end users connect to printers.

The flaw could allow an attacker to install malware remotely on victim machine that can be used to view, modify or delete data, or create new accounts with full user rights

MS16-087-Security Update for Windows Print Spooler Components (3170005)
This security update resolves vulnerabilities in Microsoft Windows. The more severe of the vulnerabilities could allow remote code execution if an attacker is able to execute a man-in-the-middle (MiTM) attack on a workstation or print server, or set up a rogue print server on a target network.

Users who are logged in with fewer user rights on the system are less impacted than users who operate with administrative user rights, such as some home accounts and server users.
Microsoft said the critical flaw could be exploited to allow remote code execution if an attacker can conduct a man-in-the-middle (MiTM) attack on a system or print server or set up a rogue print server on a target network.

The critical flaw was discovered and reported by the researchers at security firm Vectra Networks, who disclosed some details on the vulnerability, but didn't publish their proof-of-concept (POC) code.


You can watch the video that shows the hack in action:



If the printer is behind a firewall, attackers can even hack other device or computer on that particular network, and then use it to host their malicious files.

This flaw (CVE-2016-3238) is by far the most dangerous vulnerability of the year, which is easy to execute, provides different ways of launch attacks, and affects a huge number of users.

A second related vulnerability, CVE-2016-3239, in MS16-087 bulletin is a privilege escalation flaw that could allow attackers to write to the file system.

A security bulletin for Microsoft Office, MS16-088, includes patches for seven remote code execution (RCE) vulnerabilities, 6 of them are memory corruption flaws, which affects Microsoft Office, SharePoint Server as well as Office Web Apps.

The flaws can be exploited by specially crafted Office files, allowing attackers to run arbitrary code with same privileges as the logged in user.

Bulletin MS16-084 addresses flaws in Internet Explorer and MS16-085 in Microsoft Edge. The IE flaws include RCE, privilege escalation, information disclosure and security bypass bugs.

Edge flaws include a handful of RCE and memory corruption flaws in the Chakra JavaScript engine, as well as an ASLR bypass, information disclosure, browser memory corruption, and spoofing bugs.

Bulletin MS16-086 addresses a vulnerability in the JScript and VBScript engines in Windows, which could allow an attacker to execute remote code execution flaw, affecting VBScript 5.7 and JScript 5.8.

Rest five bulletins rated as important address flaws in Windows Secure Kernel Mode, Windows Kernel-Mode Drivers, the .NET framework, the Windows Kernel, and Secure Boot process.

Users are advised to patch their system and software as soon as possible.

Read More

Crashed drone in Somalia shows more like a large bird

A drone that was recently downed in Mogadishu, Somalia looks less like a drone and more like a large bird.

Local reports associate this drone, which came down on May 1st, with Somalia’s National Intelligence and Security Agency (NISA). It's unclear exactly how it was downed, or if similar drones have been used in the country before.

What’s most interesting about this particular drone are its wings: in addition to looking like a bird, the wings will flap, although it looks like it’s actually powered by two sets of propellers. A quick glance at it flying overhead likely won’t attract a lot of attention, which is exactly what you’d want for a surveillance robot.

It’s unknown who is responsible for manufacturing this particular drone, but it’s certainly going to give observers on the ground pause when they see a flock of birds overhead.

As Atlas Obscura points out, there have been concerted efforts for companies to mimic bird behavior in drones both for appearance and for the obvious reason: physics. Birds, after all, are the experts at flying, and learning just how they fly is a good step in adapting their mechanical counterparts to accomplish the same tasks.

Drones flying over a war zone are nothing new, and as they've proliferated, there have been more efforts to make them harder to see from the ground.

The US Army Special Operations Command has used a similar drone that can be fired out of a canon or deployed by hand. Like this drone discovered in Somalia, it has wings that can flap, making it appear like a regular bird flying overhead.

Read More

Nintendo brings NES Classic Edition a miniature version comes with 30 games

The company announced what it's calling the Nintendo Entertainment System: NES Classic Edition. It looks just like a NES, only a lot tinier, and it comes with 30 games built in. You can connect it to your TV via a HDMI cable, and it also includes a controller designed to work just like the iconic rectangular NES gamepad. (The new controller will also connect to a Wii Remote, so that you can use it to play Virtual Console games on a Wii or Wii U.)

The NES Classic Edition will be available on November 11th for $59.99.

According to Kotaku, Nintendo has confirmed the console will not connect to the internet and will not be able to play games beyond the 30 NES classics that come pre-loaded on the device. The tiny console, announced this morning with a release date of November 11th, costs $59.99 and connects to a TV via HDMI to play old-school Nintendo titles with a NES gamepad.

"The console is a standalone device, so it cannot connect to the internet or any external storage devices. The 30 games included with the system were chosen to provide a wide variety of top-quality, long-lasting game-play experiences," a Nintendo representative told Kotaku. The device's lid does not open either, so old cartridges are off the table.

Here's the complete list of games:

1. Balloon Fight
2. Bubble Bobble
3. Castlevania
4. Castlevania II: Simon's Quest
5. Donkey Kong
6. Donkey Kong Jr.
7. Double Dragon II: The Revenge
8. Dr. Mario
9. Excitebike
10. Final Fantasy
11. Galaga
12. Ghosts'N Goblins
13. Gradius
14. Ice Climber
15. Kid Icarus
16. Kirby's Adventure
17. Mario Bros.
18. Mega Man 2
19. Metroid
20. Ninja Gaiden
21. Pac-Man
22. Punch-Out!! Featuring Mr. Dream
23. StarTropics
24. Super C
25. Super Mario Bros.
26. Super Mario Bros. 2
27. Super Mario Bros. 3
28. Tecmo Bowl
29. The Legend of Zelda
30. Zelda II: The Adventure of Link

Read More

Pokemon GO is now officially available to UK and Germany Trainers

UK and Germany Trainers, the wait is over. #PokemonGO is now officially available to be installed from Google Play or iTunes.

Meanwhile there are bogus website  A.K.A satire website announce  fake release in the Philippines..  They change the original post "Few Days" to "few hours"

Though, with The Wall Street Journal reporting that Pokémon Go will launch Europe and Asia "within a few days." There's no official comment on this timeframe, with the WSJ citing "people familiar with plans for the game."

Fans' keenness to play is having a damaging effect though, with various malware-infected clones of the app popping up on the web and infecting users' smartphones. 

Trainers, only install Pokémon GO via the Play Store or App Store. Downloads from other sources may contain malware or viruses.

If you want legit post when and where officially available Pokemon Go in Asia Follow yung Official Twitter nila https://twitter.com/nianticlabs and https://twitter.com/PokemonGoApp

Ayan hindi Satire site na pina-aasa ka LOL legit yan
Or Like and Follow my BLOG LOL

Read More

Free Remix OS Beta - Custom Engineered version of Android for PC

Manila, Philippines - BANBROS Commercial Incorporated - 24 November 2015 - Jide Technology Introduce "Remix Mini" The world’s first true Android PC. But not in the traditional PC sense.  

When you use this Remix OS is like you actually using Windows 10 PC environment, but it is not just like a traditional Desktop PC.

Experience the latest in Android’s Evolution...

Custom engineered version of Android Lollipop - Remix OS is state of the art operating system is the cornerstone to all of our hardware. With its multitude of productivity oriented features combined with over 1.5 million apps, Remix OS seamlessly merges functionality, ease of use, and beauty in amazing ways to give.

Setup is simple and safe for your compatible PCs. Once you've completed the installation, you can boot up your PC using either Remix OS or whatever OS was natively installed on your machine..

With Remix OS for PC, you can also conveniently house Remix OS on a USB stick. That means you can literally bring your Remix experience wherever you go. With most computers in the world powered by x86 chipsets, you should have no trouble finding the right hardware to run Remix OS.

Hustle Free No need to create new Partition.

Watch this video to learn how to boot Remix OS for PC from hard drive.


Windows 10


Windows 7

Latest release notes
Version Number: 2.0.402
Release Date: 7/6/2016
Package Type: 64-bit version for Legacy BIOS & EFI boot; 32-bit version for Legacy boot

Features:

1. Added keyboard mapping to certain games allowing users to play games with keyboards. (e.g. Vain Glory)
2. Added more app options to Remix Central.
3. Now supports mirrored output from DP, HDMI & VGA.
4. Improved the System bootup time and fix some cases on ANR.
5. Updated the Remix OS default wallpaper.
6. Updated the Remix OS boot up animation.
7. Added “Power is low” warnings.
8. Improved the video display quality.
9. Now supports more H265 video formats.
10. Now supports more ethernet cards.
11. Now supports more Realtek / Broadcom / MediaTek WiFi cards.
12. Pre-installed Chrome and Chrome Switcher that allows users to stay on desktop mode.

Bugs Fixes:

1. Improved app compatibility.
2. Fixed the Y! Mail bug where emails couldn’t be sent out.
3. Enabled scrolling and right-click on some trackpads.
4. Improved WiFi instability.
5. Fixed the problem screen record on Remix OS.
6. Fixed the disappearance of the task bar.
7. Now supports more Nvidia Graphic Cards and improved their stability.
8. Improved the thermal monitoring system to avoid overheating.
9. Fixed the slowing down of the system when mounting hard disks.
10. Fixed time inacurrancy on Windows when users switch back from Remix OS.

For more Info and FREE DOWNLOAD LINKS Visit :

http://www.jide.com/remixos-for-pc

Read More

Google can now help you find deals on flights and hotels

While most of us are busy making the most of the summer sunshine, marketers are already beginning to think about the coldest (and busiest) months of the year--the holidays. October through December are traditionally the biggest months for both travel and shopping, and this year we expect mobile to play its biggest role ever. In fact, mobile travel and shopping searches are already up nearly 30% year-over-year.

Planning a vacation often revolves around the delicate art of booking flights and hotels at just the right moment to get a great deal, and Google knows it. The internet pioneer is rolling out a slew of updates that, for the most part, are focused on getting you the best possible bargain. To start, you'll see automatic "deal" labels in searches whenever a hotel rate goes below the norm, and tips when tweaking the dates of your stay could save you some cash. You can also filter hotel searches for very exact criteria -- if you want to look for four-star hotels in Chicago that allow pets, you can. The tips and filters are only now rolling out (filters are limited to the US at first), but they'll be available worldwide over the course of the year.

Google Search Hotel Deals in Pampanga

You also won't have to worry that you're missing out on a low-cost flight. Google Flights is getting price tracking that can tell you when prices change for date and destination combos or specific flights. You'll only have to wait for email or a Google Now card to know when it's time to take action. This tracking will only be available in the 26 countries where Google Flights is available, but it'll reach all of them in a matter of weeks.

Most of Google's other updates today are more helpful for advertisers (such as a companion banner that lets you browse their wares while watching YouTube). However, there is one big user-friendly upgrade in the works: it's testing a shopping tweak that shows currency conversions in results, so you'll know just how expensive that Canadian sweater would be if you bought it in the US. The feature should be widely available in I tried it and it gave me a list. 

Source: Google Inside AdWords

Read More

Pokemon Go can see and modify all information in your Google account - Malware Risk

As millions of users wander the country collecting Pikachus and Jigglypuffs, the Alphabet spin-off Niantic, Inc. that developed the game is collecting information about the collectors. And it’s most definitely catching them all.

Like most apps that work with the GPS in your smartphone, Pokémon Go can tell a lot of things about you based on your movement as you play: where you go, when you went there, how you got there, how long you stayed, and who else was there. And, like many developers who build those apps, Niantic keeps that information.

According to the Pokémon Go privacy policy, Niantic may collect — among other things — your email address, IP address, the web page you were using before logging into Pokémon Go, your username, and your location. And if you use your Google account for sign-in and use an iOS device, unless you specifically revoke it, Niantic has access to your entire Google account. That means Niantic could have read and write access to your email, Google Drive docs, and more. 

(It also means that if the Niantic servers are hacked, whoever hacked the servers would potentially have access to your entire Google account. And you can bet the game’s extreme popularity has made it a target for hackers. Given the number of children playing the game, that’s a scary thought.) You can check what kind of access Niantic has to your Google account here.

Just when you hit the Google button, you are logged in. But, you are not shown a message regarding what data this app is going to access. 

Here’s what it means when Pokemon Go has full access to your account:

• Pokemon Go can see and modify all information in your Google account.
• Such privileges should be given to fully trusted applications only. 

It also may share this information with other parties, including the Pokémon Company that co-developed the game, “third-party service providers,” and “third parties” to conduct “research and analysis, demographic profiling, and other similar purposes.” Similar to Pokemon Go Chat. It also, per the policy, may share any information it collects with law enforcement in response to a legal claim, to protect its own interests, or stop “illegal, unethical, or legally actionable activity.”

GoChat, an independent app that lets Pokémon Go users leave notes for each other at in-game locations

In a statement to Gizmodo Monday night, Niantic said they started working on a fix and verified with Google that nothing beyond basic profile information had been accessed.

We recently discovered that the Pokémon GO account creation process on iOS erroneously requests full access permission for the user’s Google account. However, Pokémon GO only accesses basic Google profile information (specifically, your User ID and email address) and no other Google account information is or has been accessed or collected.
Once we became aware of this error, we began working on a client-side fix to request permission for only basic Google profile information, in line with the data that we actually access. Google has verified that no other information has been received or accessed by Pokémon GO or Niantic.

Google will soon reduce Pokémon GO’s permission to only the basic profile data that Pokémon GO needs, and users do not need to take any actions themselves.

This is not something new, Twitter, Instagram, Snapchat, Tinder, Facebook, and amongst other apps use the same thing. lots of apps have access to your google account. But they only ask for access to your name and email usually. Pokemon GO has full access. Meaning they can send emails as you, delete your emails, delete/share your googe drive docs. There is no reason they need this much access. And with their server issues..

Update: Google New Features (it just pop on my search ) you can revoke any apps

Read More