Ask HN: Google Product Abuse

[squillful]

I am interviewing for a position with Google's Product Quality team soon, and I am trying to think of different ways of abusing Google products, or any other similar products for that matter. There's the obvious click-jacking, abuse of SEO, spam etc. But I would like to get some more ideas. What way would you abuse Google's products?

[mtmail]

Ages ago there was a tool which would split a large file, let's say the usual 700MB movie, into chunks of 5MB, then create accounts on Yahoo, upload each chunk and return to you a list of usernames, passwords and URLs to download. Another person was able to use the software to download the full file. I can't remember if the product was Yahoo Mail, Briefcase or Photos but the chunks were small. With the introduction of captchas this was no longer possible.

Speaking of captchas, there are click workers (humans) who solve captchas for a living, even APIs so you the customer can get access to sites in almost real-time. A clever variation was re-displaying the captchas on porn websites and return the results.

There is a website right now re-selling Google Maps geocoding results for money. The coordinates are slightly altered but if you do 100 requests and take the average it will be what Google's service returns. I'm sure it's similar with Google translate.

Redirects like some-service.google.com/?do_something=1&.done=<spammer website> can be used to fool systems to think they're dealing with a safe Google.com URL.

We learned that for every mistake we introduce in software there will be somebody very bored or determined spending hours and days trying to abuse it.

[pngat2x]

Using Google Voice as an inbound SMS-to-email bridge for running contests, etc.

I've seen 2k+ inbound messages/day put through a service that does this, versus the business paying ~$20-50/month for Twilio.