You are here

Internet Security

37 States now investigating Google StreetView snooping

37 States are now involved in a "powerful multi-state investigation" of "Google's Streetview snooping" per a press release from investigation leader, Connecticut Attorney General Richard Blumenthal, who released a new follow-up letter to Google asking for more information and clarification of its representations to date. 

The letter shows the investigation is very serious. Its prosecutorial exactness strongly suggests that investigators believe Google has not been forthright in its answers to date and that it could be covering up material information to the investigation. 

  • Several questions in the letter also indicate that the investigators are seriously concerned about the integrity and completeness of Google's systems of internal controls and supervision to ensure the safety and privacy of consumers. 

What appears to be the most problematic line of inquiry is whether or not Google tested this software before it was used in public to collect private information on consumers. 

Google China License: What's the rest of the story?

In an exceptionally uncharacteristic low-key PR manner for Google, Google announced on its blog in one sentence that China renewed its license to operate in China.

  • "Update July 9:
    We are very pleased that the government has renewed our ICP license and we look forward to continuing to provide web search and local products to our users in China."

What's the rest of the story here?

Google and China have been at loggerheads with one another in one of the highest-of-profile international standoffs between a private company and a superpower in modern history, since Google publicly accused China in January blogpost of being complicit in a hack of Google that resulted in the theft of Google's intellectual property, (which John Markoff of the New York Times reported was the extremely sensitive computer code for Google's password control system.) 

What is the quid pro quo here?

Google's Wanton WarDriving Scandal: Fallout & Cover-up

Google's wanton "wardriving," i.e. detecting, accessing, and recording residential WiFi networks in 30 countries for over three years, was not simply a "mistake," "inadvertent," or an "accident" as the Google's PR machine has spun it. The evidence to the contrary is overwhelming to anyone who bothers to examine it closely. 

  • Google's wanton wardriving was either: gross incompetence/negligence or wrongdoing
    • Government investigators must determine for themselves via subpoena, whether or not anyone at Google, in a supervisory or management position, knew that this private "payload" data was being collected, and whether or not this private data had been accessed, copied, analyzed, or used by Google in any way.

The case for why Google's wanton wardriving is more than just a "mistake."        

I.  Identifying the questionable practice: "Wardriving"

Questions for Google on its Latest Act of Privacide -- Part XXI Privacy vs. Publicacy series

Google's latest privacy-killing act of privacide is "Google's roving Street View spycam," which is not only taking pictures, but is also scanning to log WiFi network addresses and unique Media Access Control (Mac)addresses per Andrew Orlowski's excellent scoop at the Register.

Google's Titanic Security Flaws -- "Security is Google's Achilles Heel" Part VIII of Series

Well informed reports (that Google will not deny), that hackers breached Google's most sensitive software code, the Gaia password system, surface titanic security flaws at Google.     

Why Google is too big not to fail. 

1.  "Bigtable" Storage design: How Google stores and accesses "all the world's information" in and from its data centers is: "'Bigtable:' a Distributed Storage System for Structured Data." It is Google's innovation to maximize scalability, speed and cost efficiency -- not security, privacy, or accountability. Simply, Bigtable is an "all eggs in one basket" approach to information storage and access.

Google's Liability Decade: Why Google's leadership ducks investors

The abrupt change, that Google's CEO Eric Schmidt will no longer be accountable to shareholders on Google's earnings calls, should prompt investors to ask why? 

  • Google claimed that they wanted to put more focus on Google's strong financials, but they did not disclose any more than Google's usual barest of minimum of information to investors.  
  • The most obvious reason for this abrupt change is the literal explosion of real franchise liabilities and risk overhangs to Google that reared their ugly heads this past quarter. 
    • Had CEO Schmidt been available to answer investor questions, Google's exploding liabilities could have dominated the Q&A and the investment narrative coming out of the earnings call.

What has changed, and what Google has been not been open about, is the very serious ripening of three different types of going-forward franchise risks (antitrust, privacy/security, and intellectual property) that cumulatively herald a de facto change in Google eras: from the roaring "Growth Decade" of 2000-2009, to the more unpredictable "Liability Decade" of 2010- 2019.

Google on Chrome: we don't need your permission

For skeptics of Google's need for more transparency and accountability, consider the latest disturbing example of Google Chrome not asking tens of millions of Internet users for their permission to gain wide open access to their computers and content -- when it clearly should ask for permission -- like every other Internet browser provider does.    

Per ComputerWorld's article: "Google's Chrome now silently auto-updates Flash Player." 

  • "Unlike other browsers, Chrome updates itself automatically in the background without asking for permission or prompting users that security fixes or new features are available." 
  • "Google uses a unique approach, they don't ask users [for permission to update], they just do it" said Peter Betlem, Senior Director of Flash Player Engineering.  

What this means is that unlike all other browsers or Google competitors, Google does not believe it needs permission from users to gain wide open access to users' entire computer software and all its private contents.

Do you know where your Google data was last night?

Yale University has postponed its adoption of Gmail in part because of concerns that Google will/can not tell Yale where or in what country their private information/data will be stored -- per Yale Daily News.

  • "Google stores every piece of data in three centers randomly chosen from the many it operates worldwide in order to guard the company’s ability to recover lost information — but that also makes the data subject to the vagaries of foreign laws and governments, [Yale computer science professor Michael] Fischer said. He added that Google was not willing to provide [Yale] ITS with a list of countries to which the University’s data could be sent, but only a list of about 15 countries to which the data would not be sent."

It appears that Google continues to organize information for the benefit of Google's own engineering efficiency, simplicity and convenience -- without regard to what is best or safest for its users.

  • WHERE users private data is stored by Google has immense implications for users' privacy, security and whether or not their private data/communications are vulnerable to subpoena, with or without their knowledge.  

This is further evidence of Google's cavalier approach to privacy and security of users.

 

 

 

 

Big Brother 2.0: Google-NSA through foreigners' eyes

Today's New York Times front page story "Google's computing power betters translation tool" by Miguel Helft spotlights that Google arguably owns and operates "the world's largest computer." The article quotes a Google  engineering VP explaining that Google's unparalleled computing power enables Google to "take approaches others can't even dream of."

Combine the world's largest computer, with the best automated translation capability for most all of the world's top languages, with reports from the front page of the Washington Post that Google proactively sought help from America's top spy agency, the NSA, for its cyber-security vulnerabilities, and it is not surprising that foreigners would be growing increasingly wary of Google and the extraordinary potential power that Google holds over them. 

So what do foreigners increasingly see Google doing?

First, they increasingly see "The United States of Google," a term Jeff Jarvis coined in his book on Google. Shortly after Google publicly accused the Chinese Government of being behind or complicit in the cyber-attacks on Google:

Did Google Over-React to China Cybersecurity Breach? -- "Security is Google's Achilles Heel" Part VII

It appears Google impetuously over-reacted to the big cyber-security breach of Google and a reported ~30 other companies. Google alone publicly blamed China and only Google publicly pledged to stop censoring search results in China in retaliation.    

What is the evidence that Google impetuously over-reacted here?

First, Forbes reported: "Researchers Call Google Hackers 'Amateurs' -- A new report says the attack on the search giants network was far less sophisticated than it has claimed." Specifically:

  • "A great play is being made about how sophisticated these attacks were," says Damballa's vice president of research Gunter Ollman. "But tracing back the attacks shows that they were not sophisticated, and that the attackers behind them have a history of running multiple botnets with a variety of tools and techniques," many of which, he says, were far more rudimentary than Google or the cybersecurity industry has portrayed."

People incorrectly assume that because of Google's popularity, brand and reputation for innovation, that Google is  secure and cutting edge on cyber-security -- when in reality they are not.

Pages

Q&A One Pager Debunking Net Neutrality Myths