The first application released for Google's OpenSocial API platform was quickly taken down after a vulnerability was discovered that could allow attackers to arbitrarily alter user profiles.
The application, "Emoticons", was developed by the third-party developer RockYou for the OpenSocial platform and was initially adopted by the social networking site Plaxo. Not long after its release, however, a user named "HarmonyGuy" alerted Plaxo's Vice President of Marketing, John McCrea, to a vulnerability in the app that allowed anyone to add emoticons to McCrea's Plaxo profile without his consent.
TechCrunch blogger Michael Arrington said that "HarmonyGuy" discovered this vulnerability in less than 45 minutes. Subsequently, Plaxo took the application offline.
McCrea wrote on Plaxo's blog last Friday: "Due to several vulnerabilities discovered today, we have temporarily removed the app. We apologize for any inconvenience caused. Applications like these are still in their early stages, so it's inevitable that we'll encounter some bumps along the way... please bear with us."
Just last week, Google announced its OpenSocial initiative, ambitiously planning to use this platform to create a coalition of social networking sites. OpenSocial provides a unified application programming interface (API) for several different social networking sites, making it convenient for third-party developers to create applications that can be used uniformly across member sites of the coalition.
Plaxo is one of the members under the OpenSocial umbrella, with other participating sites including Engage.com, Friendster, LinkedIn, MySpace, Oracle, Orkut, and Salesforce.com.
"HarmonyGuy" also mentioned that he had previously found flaws in third-party applications on Facebook, such as SuperPoke, but that altering user profiles through the OpenSocial platform was much easier than on Facebook. Facebook did not join Google's OpenSocial coalition.
"HarmonyGuy" concluded by saying that while changing users' emoticons may not amount to a serious malicious attack, more threatening attacks may follow if Google does not strengthen its platform.