back to article Google's Wi-Fi snoop nabbed passwords and emails

The Wi-Fi traffic collected by Google's world-roving Street View cars included passwords and email, according to a report citing a preliminary study from the French data protection authority. IDG reports that the French National Commission on Computing and Liberty (CNIL) has examined part of the data, after it was turned over …

COMMENTS

This topic is closed for new posts.

Page:

  1. heyrick Silver badge

    "However, we can already state that [...] Google did indeed record e-mail access passwords [...] "

    Don't big up the story, Google's recording of email access passwords is no different to running a wifi adaptor in promiscuous mode and seeing if anything interesting turns up. I think a record of the percentage of data representing passwords vs everything else would show the truth - some auto-tick like Thunderbird just happened to log into a mail server when the Googlemobile went by.

    Before you kick Google too hard, first kick yourself for not securing your network. Google got caught, but how many bored and/or malicious people already snoop open networks with a desire to collect this sort of data specifically; and more explictly things like third-party webmail (GMail/Yahoo...) or even ElReg because I bet you'd find people that can't be bothered to secure their network also can't be bothered picking unique passwords. If "secret" is their webmail password and "secret" is their Facebook password, you could have a stab at "secret" being their bank password too! Okay, you probably won't get to see this (HTTPS and all) but I'd imagine the DNS lookup is not encrypted, so you'll see what bank they use.

    Are you getting the point? Lock up the network!

    1. darkpill

      Google fail.

      "Before you kick Google too hard, first kick yourself for not securing your network. "

      You're just as bad as the Microsoft apologists who blame end users for Microsofts lax security policies. Google is one of the largest companies in tech, time they start acting like it.

      1. heyrick Silver badge

        At the risk of even more downvotes... :-)

        @ darkpill - when the first great macro virus (Melissa? TheLoveBug? something like that...) got out, you could feel for those affected. When it happened *again* - you shake your head in disbelief. There is a reason we don't like IE. There is a reason we run plugins designed to filter out unwarranted cack in web pages. And no, darkpill, I am nothing like a Microsoft apologist, for Google is a symptom, not the disease itself. If everybody took care to lock up their WiFi transmissions, this story wouldn't even exist. Google would have some SSIDs and maybe some bogus IP addresses (192.168.x.x anybody?). They ONLY have bits of emails, passwords, and such because an electronic device in your possession was happily transmitting it totally in the clear NOT TO YOU but to ANY RECEIVER WITHIN RANGE.

        The world is also screwed up enough that somebody twittering a bad taste joke is taken as a serious terrorist threat and dragged through the coals. Perhaps to "make an example" or perhaps since it was with taxpayer money, "because they could". If your network is not encrypted, has anybody been using it? Some *cough* systems will try to connect to the strongest signal (automatically) regardless of whether or not it is the *right* signal. Has this happened to you? Was it left that way? What was accessed? Do you know who it was? FFS, does your router even bother with an audit trail? Can you prove anything at all?

        I base my concept of trust on who I know and who I see. I tell people what I feel happy telling them, and no more. With unsecured WiFi in an urban setting, you'd be blathering your personal information to anybody within range who gives a damn. Might be nobody, might be one very messed up individual. Gee, didn't El Reg carry an article on this theme only this week?

        So, go ahead and downvote me. Offer me tin foil hats. Whatever. Just take your goddamn security seriously.

    2. Anonymous Coward
      FAIL

      Mail is secret, no matter if encrypted or not

      "Google's recording of email access passwords is no different to running a wifi adaptor in promiscuous mode and seeing if anything interesting turns up."

      And if you write it down, you're a criminal. You might be even if you don't write it down, but that's gray area. Google definitely is a criminal, harvesting logins and passwords from peoples network traffic: man in the middle -attack. They claim it's an accident but with current CEO Google is not making this kind of 'accidents'.

      You aren't' entitled to read other people's post( like postcards) either, even the message is easy to see. Is that too hard to understand too?

  2. Anonymous Coward
    Anonymous Coward

    so?

    Unless their app also contained a wep/wpa cracker, then those unecrypted snippets should give the respective countries a good idea about how uninformed their populace are, especially if Google also recorded the mere existence of encrypted networks/locked networks.

  3. Steve Evans

    Honestly...

    All these people whining that some personal data was picked up by the google car... What about the amount of data that could have been sniffed by world+dog from these *open* wireless points before and since?

    Hopefully they won't miss out on that little fact and people might actually secure things.

    Yeah yeah, I know, fat chance.

    1. Anonymous Coward
      Anonymous Coward

      It isn't

      the people with the unsecured networks complaining, is it. It is looking at the situation from the next level up - above the 'I'm alright, Jack' floor. Yes, fat chance of the careless wising up. It's the taking advantage the rest of us don't care for. Because if that is what was/is happening it will not stop with just taking advantage of the careless. It is a great big global company seemingly positioning itself for impunity from anybody's Law and seemingly prepared - as pretty much goes with the territory anyway - to screw absolutely whoever wanders into range, at least if nobody dares break silence while they still have a voice.

    2. Anonymous Coward
      FAIL

      Criminal act, anyway

      "All these people whining that some personal data was picked up by the google car... What about the amount of data that could have been sniffed by world+dog from these *open* wireless points before and since?"

      You are totally missing the point: Point is what you _can do_ and what you _may do_.

      Harvesting passwords and accounts can be done but it's still illegal. Obviously that's not a concern of yours that Google is knowingly breaking the law?

      1. Tim Bates

        Countries and Laws

        "Harvesting passwords and accounts can be done but it's still illegal."

        May depend on the country... In some countries, you would have to be purposely harvesting the usernames and passwords, not data in bulk.

        The other issue is whether it is illegal to record public broadcasts of open radio traffic, and what may be done with said traffic. EG - it would generally not be illegal in Australia for someone to record chatter on an aviation radio band, even if said chatter included people telling Air Traffic Control what their bank details and PIN number was... It would however be illegal to then use said information for any personal or commercial gain.

        "Obviously that's not a concern of yours that Google is knowingly breaking the law?"

        Did Google as a company knowingly break the law? I highly doubt it. Some individual (or small group) working for Google collected the data as an unsanctioned activity.... In countries where this person person(s) has broken the law, then yes, they should be punished. However the company as a whole is not guilty.

    3. Anonymous Coward
      Anonymous Coward

      Hang on a minute, please.

      Google is a commercial entity gathering data for money. They knew, or should reasonably have known, that they were gathering "private" information as they rolled around the countryside.

      I doubt you will ever stop malicious data gathering and everyone has an interest in security but do not blame the public for the sins of a very profitable, technically malicious, mendacious, self-serving public corporation.

      "Do no evil" - my arse!

  4. raving angry loony
    Flame

    jail!

    Time for some criminal charges. When individuals do this, then end up in jail. Time to see just how "limited" the liability is here. Of course, money talks, and Google money talks really loud.

  5. Anonymous Coward
    Grenade

    What the hell!?!?!

    Why the hell isn't someone in custody over this? Seriously! In some countries, that's unlawful access and interception of data that they were not authorized to have. And while I'm not a fan of Google or their questionable business practices, but the law is the law.

    1. Pascal Monett Silver badge

      Let's put it this way

      Any country where somebody has been dragged to court because he took advantage of some open wifi without permission should quite obviously and for the simple sake of consistency drag all Google CEOs and managers in their country before the court for the same charges.

      Hey, if you're going to go nitpicking all over the little guys you have the moral obligation of doing the same to the big fish.

    2. Anonymous Coward
      WTF?

      It's not really unlawful

      Well it's not really unlawful is it. If you left all your stuff out in the street, it's not unlawful for someone to come along and pick it up. Cause that's essentially what your doing when you leave your Wifi connection open.

      1. Anonymous Coward
        Thumb Down

        Er ... yes it is unlawful

        In this country at least, you can be done for stealing even if you find something lying about. It doesn't matter what it is - you clearly know it isn't yours, so you can't just take it home.

        Pretty simple really.

      2. Anonymous Coward
        FAIL

        @Paul 193

        Well, actually, yes, it is completely unlawful, what with most countries having laws against the interception of data transmissions. Said laws don't tend to say "well, if it's encrypted, then its illegal, but if it's open, knock yourselves out."

        Plus it is illegal to take someone else's stuff if left outside. You leave your car outside (if you have one). If one day you accidentally left it unlocked and came back to find it had been taken, what would you do? Call the police and report a crime, or say to yourself, "oh well, someone's taken my car, shame that's not against the law"?

      3. Anonymous Coward
        Anonymous Coward

        @It's not really unlawful

        Nope. It's still theft.

      4. Anonymous Coward
        FAIL

        RE: Paul193

        Actually Paul, it is unlawful for someone to take something you've left in the street, it's called theft. Next you'll say people have a right to nick my car just because I parked it out on the curb.

  6. mittfh
    FAIL

    Unencrypted Wi-Fi dangers

    This quite clearly shows why users still using unprotected Wi-Fi need to have the message about the dangers hammered home. Bear in mind the Google cars probably only spend a few seconds at most slurping Wi-Fi connections and managed to capture unencrypted passwords and email.

    Now imagine what could happen if Mr. Identity Thief parked up outside your house one evening and slurped on your unencrypted connection for an hour or so?

    Users need to be reminded that an unencrypted connection is just as insecure as putting your bank, credit card, and utility bill statements out for recycling the night before collection without shredding them first. It's practically an open invite to someone to come along and steal the information - and by the time you wake up, you'll probably be unaware anything untoward has happened.

    WEP is better than nothing, but WPA2/PSK with the largest key size your computer and router can handle is your best bet. Plus hiding your SSID (although Windoze sometimes throws a hissy fit if it can't see the SSID being broadcast) and turning on MAC address filtering, so the only computers the router will allow to connect to it are yours.

    And of course, if the Wi-Fi is unencrypted, chances are the user has a weak password on their router, so a criminal could reconfigure it to suit their own devious ends; and a weak password on their computer, so the criminal could poke around to their heart's content...

    -oOo-

    Sure, what Google did was unethical at the very least, and seemingly without purpose. And since they've (reluctantly) admitted what their cars were up to, they'll probably 'fess up and pay the fines levied when the court cases start - or even attempt to settle out of court. But if ISPs in particular were more clued up about security (most nowadays provide some form of encryption enabled by default on their routers) there wouldn't have been much available unencrypted data to slurp in the first place...

    1. prathlev

      @mittfh

      From a security standpoint there isn't much idea in hiding your ESSID or filtering MAC addresses. Any activity on the network defeats the hiding. And MAC addresses are easily spoofable.

      Stick to encryption instead of voodoo. :-)

      1. Mark 65

        MAC filtering voodoo

        The point is that you'd need to know a valid address to spoof so it's not necessarily as voodoo as you state. Sure, it's doable but you've still gotta hang around and find the right address for the network.

    2. Michael Hitchins
      Stop

      people still believe in hiding SSID's?

      then they are just re-broadcast by the clients in probe messages, whereever the client goes...

      and WEP is better than nothing, if by better you mean false sense of security that is hacked in seconds and is really only overhead on wifi - unless you technically challenged neighbours and 'hackers' about.

      MAC address filtering is redundant if you have a good WPA2 setup, PSK or otherwise. Its easy to spoof a MAC address after all...

      So tip of the day - use WPA2 properly with a good key or certs and be happy and safe out there...

    3. Anonymous Coward
      FAIL

      Communication is confidental by default

      "This quite clearly shows why users still using unprotected Wi-Fi need to have the message about the dangers hammered home. "

      No, totally wrong idea about what are the basics.

      The basic principle is that your traffic is always confidental. No matter if it's a text written on a piece of card and stuffed in mailbox (incidentally called a postcard, btw.)

      Instead Google should be put into jail for collecting these, obviously for years.

    4. Fatman
      WTF?

      Unencrypted WiFi dangers

      You have described `Albert Gonzalez` and his merry gang of thieves. Out `wardriving` they managed to get into a wireless network, plant sniffing software, and laugh all the way to the bank, until they got caught. (Does `TJ Maxx` ring any bells???) [1]

      If the victim (TJ Maxx) had not been so DAMMED LAX in their security, they would have not been their victim; some other stupid clueless bunch of ID10Ts would have been.

      IMHO, the best wireless network - IS NO WIRELESS NETWORK..

      -------------------------------------

      [1] In case it has faded from your mind, here are two links:

      http://news.cnet.com/T.J.-Maxx-hack-exposes-consumer-data/2100-1029_3-6151017.html

      http://www.computerworld.com/s/article/9136800/Alleged_data_breach_kingpin_had_plenty_of_help

      Note in the second linked article, one paragraph about Christopher Scott:

      `On two separate occasions in July 2005, Scott compromised two wireless access points at a TJX-owned Marshall's store in Miami. He used the access to download various commands onto TJX servers containing payment card data. About a year after gaining access to the TJX network, Scott established a secure VPN connection between a TJX payment card transaction processing server and a malicious server owned by Gonzalez for uploading various sniffer programs to the server to capture transaction data as it was being processed. `

      End result: GAME OVER!!!!!!!!!!!!!!!!!!!!

      If you must use wireless, then invoke the best security setting you can manage, or the criminals will MANAGE to loot your bank account (or someone else's credit card details).

      It burns me up that there are still some refugees from the Cro-Mag days that will NEVER GET IT when it comes to securing data.

  7. Henry Wertz 1 Gold badge

    Not a contradiction

    google's statement that they only collect fragments doesn't contradict them collecting e-mails etc. 1500 byte packets, in 1/5th of a second, about 1MB of data could be collected.

  8. Ian Michael Gumby
    FAIL

    Criminal Act? Sure. Jail Time? Not so sure...

    Its interesting to read some of the posts where people are quick to defend Google and say that anyone who uses an unencrypted network deserves what they get.

    Unfortunately those same folks seem to forget that snooping on a network is a crime.

    While the laws vary country by country, in the handful of countries where Google has been driving, they have been breaking the law.

    Note: Capturing the SSID and Mac address by itself is not illegal. Capturing actual traffic is.

    Google cannot claim innocence because there is enough evidence in the public eye to show mens rea, or a guilty mind. You can't claim innocence when you're applying for a patent on the technology used to snoop traffic. Also you can show motive. That Google can find value of snooping traffic.

    Now here's a twist I doubt many have thought about... Suppose Google uses your android phones to snoop on wi-fi networks. (With your permission of course) To submit the data your phone captures on open wi-fi networks as you walk about town with your phone's wi-fi adapter turned on?

    Now the question becomes... are you an accessory to the crime?

    So who do you put on trial?

    Most likely the company will be fined, prohibited from certain things and a slap on the wrist.

    Now you know why Google has been getting cozy with the Obama administration.

    Fail for those idiots and apologists who can't comprehend the damage done by Google.

    1. Anonymous Coward
      Anonymous Coward

      Agreed...

      Doesn't warrant jail time, especially since finding the truly guilty parties would be difficult. Instead, I suggest that the CEO is invited to stand before an EU board of enquiry and get a good dressing down, followed by being required to set aside an amount of cash to compensate those who have been spied upon. About 20 billion dollars should do the job.

  9. Spanners Silver badge
    Boffin

    Unencrypted = Permission

    An unencrypted wireless network is a statement that anyone is allowed to access it at any time for any purpose legal or otherwise. It is not the same as leaving your window open. It is more akin to leaving your possessions strewn unnatended in a public park. The weakest of encryptions is all that it needs to say "keep out".

    If Google did nothing but record what was publically available, they have done nothing wrong. They are still obliged to look after the data according to the laws in the country but that is a separate matter.

    If they are allowed to capture EM radiation in the visible spectrum, there is no difference to stuff with a longer wavelength. If you don't want people to recognise you - wear a burqa. If you don't want your WiFi listened to - encrypt it. If you want people to not even see your transmitter - don't broadcast your SSID.

    1. Anonymous Coward
      FAIL

      Open for own traffic, not for snooping.

      "An unencrypted wireless network is a statement that anyone is allowed to access it at any time for any purpose legal or otherwise."

      Blatant lie.

      It's open to use _for your own communication_ (like throwing your letter in the mailbox). The second you are snooping other's traffic (ie. force the mailbox open and read others letters), you are a criminal.

      This is very clear matter and there are court cases in several countries to back this up.

    2. Will 28

      So very wrong

      "It is more akin to leaving your possessions strewn unnatended in a public park".

      You may remember a few years ago when a cargo ship crashed in the south of England, and all their cargo was left strewn around the coast. The people who took that cargo were still stealing it. If I left my possessions in the park and someone took them, I've littered, and they've committed theft.

      You may well feel that google haven't 'taken' anything, but then we're going to have to get into a long existential debate about whether data really exists. However this is not my point. They're failure to secure the network does not equate to giving someone else permission to take advantage of that.

      Some other examples that your logic appears to validate.

      If someone hasn't built up sufficient muscles and fighting skill to stop me, they are giving me permission to beat them up.

      If someone performs an unsafe manoeuver in a car, they are giving me permission to deliberately crash into them.

      If someone has left their baby unnattended - it's my baby now.

      1. Anonymous Coward
        FAIL

        RE: Will 28

        "You may remember a few years ago when a cargo ship crashed in the south of England, and all their cargo was left strewn around the coast. The people who took that cargo were still stealing it. If I left my possessions in the park and someone took them, I've littered, and they've committed theft."

        It's not theft if you inform the Receiver of Wreck of what you salvaged. Should the owner wish you to then return the items you are entitled to salvage reward.

    3. DavCrav

      Isn't this a little like...

      ...saying that "he deserved to get his car stolen, he left it unlocked", "he was carrying about a camera in a dodgy part of town, he deserved it" or "look at the way she dressed, obviously that was going to happen"?

      Just because my car isn't locked doesn't mean you have permission to steal it. It might mean that I don't get my insurance money, but you still go to jail (well, not in this country, but that's a different story).

      See also: that CD wasn't encrypted, so I can copy the songs on it, right? You're computer wasn't password protected so I can take whatever data I want, etc. etc. etc. (Bored of producing examples now.)

    4. Anonymous Coward
      FAIL

      Wireless transmissions are not an open invitation

      Let me get this straight. You are advocating that the BBC should encrypt their transmissions to keep away the license dodgers. The law seems to have a different opinion.

  10. Matthew 4
    Coat

    So many unsecured wifi signals about still.

    I live on a hill, overlooking Wellington city, NZ.

    I get about 15 pages of wifi networks on a good day from my window, and about 1/10 are still insecure.

    Another 1/10 or so still use WEP which amounts to the same thing.

    Needless to say I never have to worry about going over my internet limit each month. Plenty of free idiots to leach off.

    If you still don't see the risks of leaving your networks open to the world then you deserve what you get.

    1. John H Woods Silver badge
      FAIL

      yeah ...

      ... so I suppose you'd feel happy stealing my wine delivery whilst it is left outside my house? Or taking my horse, which is, let's face it - outside in a field?

      Please, repeat after me - things do not magically become legal just because they are possible - even if they are easy to do. You are so fired up about poor old Google that here you are admitting to criminal behaviour on a public forum. But you seem to think that just because you don't respect the law, we shouldn't either.

      "Plenty of idiots too leach off" --- honestly, I despair. You are basically saying, that this shouldn't be a crime because you do it. Sorry but it is. It is when you do it, and it is when Google do it. At least they are saying they did it accidentally.

  11. Mage Silver badge
    Black Helicopters

    Unethical?

    Illegal, immoral.

    Even recording location, SSID of a private (not a Public hotspot) may be an illegal broach of privacy.

    Worse than number plate of your car in driveway.

    Yes, everyone should have WPA2 etc etc.. But Google is just wrong, a criminal bully.

    Copyright, Privacy, advert bots that track what you read, Gmail & Google Docs scanning.

    They are out of control and need slapped down hard.

    Folks, they are not a cuddly bunny, a caped avenger for GNU/Foss/Freedom. They a a giant transglobal ADVERTISING agency. Since when was an Advertising agency safe to be making their own rules?

  12. Anonymous Coward
    Boffin

    A big nothing

    Anyone getting upset at interception of unencrypted Wi-Fi by equipment on public streets is the equivalent of getting upset at someone standing in a public street overhearing loud yelling in the house. In either case, the interception is merely of radio or sound waves passing through the physical space occupied by the guy in the public street. The broadcaster of those waves is responsible for their emanation.

    1. Peter Gathercole Silver badge
      Unhappy

      Missing a step

      In your analogy, you've missed out a step, and that is turning on your tape recorder to record it so that it could be re-played.

      But in principal, I agree with what you say. If you walk around with a directional microphone recording parts of everything you can hear, is this currently illegal?

      My firewall records the first couple of hundred bytes of every stateful connection that runs through it. Am I likely to be sued by my kids because I can see some of their IM sessions? If someone illegally uses my wireless network, and I capture their credit card details, are we both guilty of illegal actions?

      The problem is that the law cannot keep up with the speed of technological change. The result is that the courts are asked to rule on outdated laws, ruled on effectively by technology outsiders, and are asked to make reasonable precedent judgements.

      It may be that it is not illegal to not encrypt your access point, and that it may not be illegal to receive unencrypted traffic (I hope this is the case, because an unintended consequence of using your network is that it will read the headers of all packets in order to know whether to discard it) but it is illegal to record it, but it must be seen as being pretty foolhardy to not take reasonable steps to secure your access point.

      There is merit on almost all of the arguments made on this forum, but it is quite clear that the whole situation has so many ambiguities that a reasonable consensus cannot be achieved.

  13. lucmars

    Some country required the data to be kept some other not

    Speaking about the CNIL, it's an agency at the foot of the french government. That's certainly the same thing in other countries. Hence, Google is an opportunity for all the governements' monitoring dream.

    Certainly Google is expecting upon that with a settlement like: "keep the data for a while, then delete"

    In the end, Google do its ads, and the govs feel more smart.

  14. Robin Szemeti
    Coat

    Actually ... its very useful data

    By correlating the density of open wifi networks with population density .. Google should be able to produce a map showing where to find the highest numbers of idiots ...

  15. Carol Orlowski
    Stop

    Non-story

    This story has consistently been given more due by the media than it merits. Move along, Reg. There is no more to wring out of it.

    For a more level-headed opinion from an industry insider, see Glen Fleischman's remarks:

    http://wifinetnews.com/archives/2010/06/sick_of_google_wi-fi_scanning_story_me_too.html

    1. Ian Michael Gumby
      Black Helicopters

      How about those of us who are sick of Google getting away with crimes?

      As another poster put it, this isn't the first and most likely not the last illegal/criminal act committed by google.

      The problem is that not many read 'industry insider' blogs so El Reg is the best place to get info until the mainstream press picks it up. (Unless of course Google's PR folks have gotten to them... ;-)

      Moi paranoid? Don't think so. Not after BP buying up ad links for the terms Oil and Spill. :-)

  16. Jon Press
    FAIL

    All your information are belong to us

    A spate of thefts from unlocked premises might remind the populace to secure their doors, but an unlocked door is not a legal excuse for theft.

    In those countries where unlawful interception of communications is a criminal matter, I don't expect "it was wide open" to be a successful plea in mitigation.

    Exactly how dysfunctional a public corporation is Google if it has merrily set off on a worldwide excercise of data gathering without, apparently, even appreciating that different laws might exist outside the confines of their home state. Don't they have an internal review process for this type of project?

  17. Paul Gomme

    The point being made...

    The reason people are upset is that a large corporation with a vested interest in processing personal data has been gaining it against local laws. The offence is not "failing to secure a wi-fi point" - it's "capturing data without consent".

    The debate about securing your access point is not the issue. The issue is "did you capture personal data without consent?"

    If you leave your bank statement by a window, I read it and then drain your account or commit identity fraud, am I blameless, because you left your details available for anyone to read...?

  18. Colonel Panic

    And the problem is ?

    How is this different to walking down the street with a tape-recorder ? If people are having a conversation in public, then they have no reasonable expectation of privacy.

    If you broadcast information over an unsecured WiFi link, you are putting it in the public domain.

    If you don't want it listened to, encrypt it.

    1. Anonymous Coward
      FAIL

      transfer media =! permission to use

      "If you broadcast information over an unsecured WiFi link, you are putting it in the public domain."

      No, you are not. A concept too complicated to understand, eh?

      Does copyright cease to exist if you transfer mp3s on open wifilink?

      Does MPAA/RIAA agree with you?

    2. Stoneshop
      Flame

      Now clone yourself umpteen times

      do this for three years, snap pics while all of you are about, and simultaneously record where you are. Still not a problem?

      It's funny how people still keep saying "well, I could easily snoop open WiFi too, what's the big deal?". But that's just part of what Google was doing. It's the agglomeration of all the data, including GPS and pics, the googlomobiles are collecting that pushes it way beyond simple eavesdropping. It's also not just some random internet user collecting all that stuff, it's the largest adbroker around. Who has a serious commercial interest in knowing as much as it can about you, and not limited to your online behaviour.

  19. Anonymous Coward
    Anonymous Coward

    OK, where are the apologists?

    "You left your handbag hanging in my reach on your shopping trolley so I took some of your money - your fault for leaving it in my reach"

    No, seriously, that the kind of "defence" of Google's actions I have been hearing. I am absolutely astonished that even after suspicions are proved of rather evil "do not eveil" activities you still get the apologists come out in force. Unless they're maybe paid by Google? Shareholders? New Labour voters?

    It's becoming quite a list now.

    - The China affair: "we're now against censorship because we're losing market share, and we can't keep a secret in one single building, despite Apple managing this all across multiple parts vendors and assembly factories in China. Obviously,China is bad. Focus on human rights, don't mention the market share nbecause we want to sell some shares, no, I told you not to look at our SEC filings".

    "

    - All about privacy: "we don't look at your information, robots do. Yes, we write those robots, but we have perfect control over our software" (keep that in mind for a moment)

    - Tagging (also FaceBook): "you might not want to give us your picture, but others will. Isn't that a nice, fat hole in your precious Data Protection? Good scam, no?"

    - Streetview: "we know you put fences up for privacy, so we'll just up our cameras, oh, and we'll allow people to zoom in on your windows". "Oh, sure, we'll promise anything to make our marketing vehicle stay, just don't expect us to actually DO it, be serious, this is about money".

    And now this. "It was all an accident that a rogue engineer (baaad engineer, bad, bad!) could inject code into both the mobile part of the Streetview collection as well as ensure it had the whole back end sized and ready to receive that data, all without us knowing this. Is this enough of an excuse not to make it the criminal offense it in all across the Globe? Did I mention it's a bad, BAAAD engineer who did this?"

    Google did a fantastic job on search tech, and it has come up with some other good stuff. If they could just realise they are good enough not to need this sort of crap life would be a lot easier for them. But hey, Microsoft couldn't control itself either, and look what is happening to them now..

    Quite simply, what they did was criminal, full stop. There is no wiggling on this one, it's irrelevant how (plus, with their resources they should have had better control in place anyway, so even that isn't an excuse). You do the crime, you do the time (or pay the dime).

    Executive jail time would be so educational, but is alas far too easy to avoid..

    Now here is a fun question: if they publicly allege to have so little control over their software process, where does that leave the security of all that information you have stored in Google Apps? Make your choice: either Google knows exactly what it did and is thus guilty, or it is crap at managing software, which immediately raises questions about how safe any information is that is hosted in Google Apps. As far as I can see it, it's merely a choice of foot - the trigger will be pulled in any event..

    /rant

    1. Anonymous Coward
      Boffin

      Your handbag analogy is flawed

      Your analogy that what Google did was akin to going through a hand bag left on a trolley is fundamentally flawed. What Google did was, while standing in a public place, overheard & recorded a conversation that was spoken (broadcast) into the public place. It is like walking down the public street with a tape recorder in record mode and capturing neighbors yelling out their windows to one another (hence knowingly broadcasting their information into public places). Now, maybe walking down a public street with a tape recorder taping may run afoul of the laws in some places, but it is the correct analogy. Not perusing a found handbag.

      1. DavCrav

        Including music?

        I'm pretty sure that it would be unlawful for me to stand in (or just outside if you will) HMV recording with a dictaphone the songs off CDs, even though they are publicly broadcast, or taping off the radio, for example.

        Oh, and how about these people who are charged with copyright infringement for uploading onto the Internet TV shows that are broadcast over the airwaves?

Page:

This topic is closed for new posts.

Other stories you might like