Google is to begin encrypting its web search service for users on the Chinese mainland as part of a general beefing up of the privacy of its users worldwide. Search terms and results pages will be sent over secure connections to thwart government spies and other eavesdroppers. "The revelations of this past summer underscored our …
Complete block of Google's products in China in 3, 2, 1...
This is the same company that was busy using its Google camera cars to grab people's home wi-fi details, illegally, and now it claims to be acting in the interest of net users? It's not, it's a commercial company that operates for the sake of its own profit margins, which is after all its purpose, including that hyped up marketing slogan 'Don't be evil', read 'YOU don't be evil, but we can snoop away, avoid tax as much tax as possible etc."
No doubt being an American company it will oblige the NSA with a good number of back-doors, rather than risk its wrath (underhand or otherwise) in Google's primary market. Probably given up on China for good, or that 10% share is probably what they're desperately trying to cling on to so that they can maintain a toe hold there.
How would we know if it's encrypted or not?
Isn't even a small percentage of China's userbase actually a huge number?
Also, google has a history of sticking it to the chinese government. Remember when they basically caused a diplomatic incident because they refused to give the Chinese government their users details?
The Chinese will be thrilled.
They're happy to use Baidu and RenRen, both of which... shall we say "cooperate fully" with the Chinese secret service. Only westerners care about being spied upon by their government.
What about DNSSEC, etc?
HTTPS is an inconvenience for the Great Firewall, but since the Chinese government controls a certificate authority and spoofs DNS answers, it's not an insurmountable barrier.
What we need is end-to-end trust. They can start by signing the google.com zone, so a validating DNS resolver will refuse any spoofed responses. They can add the certificates that google.com uses to the DNS record using DANE or similar, so future browsers can refuse fake certificates without out-of-band techniques such as certificate pinning.
That's still not foolproof. Clearly, we can't trust google.cn. The Chinese government might decide to run its own DNS root, and outlaw domestic use of the IANA root. With the US finally deciding to get out of the business of running ICANN, the future of the root authorities could come into question.
Google would be better off...
Using the bot net for dissenters in China, as that is the only way they are going to communicate without government consent. I'm sure the ones getting away with it, operate much like the criminals that compromised Target. There are still no indications they on on the trail of any of those players, except maybe the coder for the malware involved. That saying, it could have been cracked by nation backed players anyway. Dalai Lama dissenters are the most advanced - obfuscating their communications with TOR or other P2P, and then handing it off to a local bot herder.
- Pic Mars rover 2020: Oxygen generation and 6 more amazing experiments
- Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
- Boffins spot weirder quantum capers as neutrons take the high road, spin takes the low
- Plug and PREY: Hackers reprogram USB drives to silently infect PCs
- Review Fiat Panda Cross: 'Interesting-looking' Multipla spawn hits UK