You know what Google needs? Another Street View data-slurp probe A UK inquiry should be held to determine whether Google knew that its Street View cars were collecting personal data over unsecure Wi-Fi networks for use in other projects, a politician has said. Claude Moraes, an MEP who represents London, said that allegations contained in a recent US regulator's report into the matter …
As much as I dislike Google spying on our emails, documents* etc....if you are monumentally stupid enough to blast your information unencrypted over the air, then you deserve what you get. Why broadcast in the clear unless you want man+dog to listen in? Seriously, just how thick do you have to be?
If Google turn round and do something illegal with that data, then we can talk. In the mean time, encrypt your WiFi.
Cue the downvotes - I can take it.
*I do use gmail, but hopefully not for much longer. I refuse to use Google drive, apps or docs due to privacy concerns and I block Google as much as possible.
Exactly. I doubt Google did it to try and exploit the data, it was probably some engineer's design not being suitably vetted/reviewed. Any fool would be able to see that it's Not Okay to intercept and analyse peoples' network traffic even if they are on an unencrypted network, and Google whatever they may be are not fools.
It's more like complaining that people are eavsdropping when shouting down a cellphone on the train.
No, it isn't. Shouting down a cellphone on a train means people can hardly avoid overhearing and it's reasonable to assume the person on the phone doesn't expect privacy. Slurping unencrypted network traffic requires a conscious effort and it is reasonable to assume that the owner of the network isn't expecting people to be listening in.
No, because that's theft (although their insurance company may argue negligence).
Nice way to conflate to completely separate issues.
Okay, maybe it would be a fairer comparison if I'd referred to somebody walking in and having a nose around? Either way the lack of security is unintentional and it is not reasonable to assume the network owner (or householder, in my example) is happy for people to be snooping around.
That's a bit of a flawed analogy. What this is more like is standing at your bedroom window, shouting how you murdered someone while a BBC camera crew is standing next door. In this situation, you cant really then complain when your 'broadcasts' get captured by a third party.
Perhaps somebody can answer this question. Were Google merely collecting broadcast data, or were they actively attempting to connect to unsecured access points? If it was the former, then my analogy is pretty much perfect. If on the other hand they were actually making connections, then their behaviour is a little harder to justify, although I'm still hesitant to criticise too much, since there is no real reason for leaving your access point unsecured.
That's a bit of a flawed analogy. What this is more like is standing at your bedroom window, shouting how you murdered someone while a BBC camera crew is standing next door. In this situation, you cant really then complain when your 'broadcasts' get captured by a third party.
In the example you give the person shouting from their bedroom window should expect somebody to overhear - even if nobody is actively trying to do so. This is not in any way the same as somebody running an unsecured wireless network - to capture and retain that information requires somebody trying to do so.
It's not my analogy that's flawed, it's yours.
I am not arguing that running an unsecured wireless network is in any way sensible, but many people do so and do not expect people to be slurping their traffic as a result.
Exactly.
I don't even call them "secure" or "nonsecure" any more. I call them "private" and "public" respectively.
If you're running a public router, expect the public to connect to it. Oh, and for people to hear what you're transmitting.
Hang on just a mo.
GSV were trotting around taking photos. That's fine; it's what they said they were doing.
BUT Can someone please explain WTF a WiFi connection was necessary for if the purpose o fthe exerecise was just taking photos?
In fact, why was there an active WiFi point in the vehicle in the first place? The thing is going to spend its entire active life more than 30m from base, after all.
Dataslurping begins to sound pretty bloody intentional - you don't "accidentally" design a WiFi system into a camera, do you?
They were doing it on purpose to link MAC addresses (universally unique addresses of home and business wireless routers) to GPS co-ordinated. This is so they can guess where you are in the future by looking up the MAC addresses your mobile device can see and checking these against a world wide database - not a bad idea if your GPS coverage is a bit flacky.
Of course they picked up a lot of garbage as well as the MAC addresses they wanted in the spource data, and someone thinks that there's half a chance that the source data still exists (unlikely) and that someone would be arsed to search through it for anything other than the address data (verging on the paranoid delusional).
Not to mention that MAC data is useful for laptops to locate themselves, and most of them don't have GPS hardware at all. That's what that little "browser wants to share your location data with application" popup DOES once you press Yes: it sends the relevant network information off to Google, Google says "This is where we think that WIFI thing is", and the widget announces that to the application. Usually that's good enough for several tens of metres of accuracy.
Google's competitors now scour the world for any sort of offense they can find. And if they can't find one, they make one up. "Special friends" are encouraged to investigate - even if political campaigns must be contemporally (but completely coincidentally) greased. So many of these have been found to be baseless in the last year it's astounding.
This is what technology innovation has become: the dirty, slimy underbelly of politics - committed to the prevention of your competitor's progress by any means necessary.
Right. Some "rogue engineer" wrote the software code that enabled Google's Street View cameras to capture Wi-Fi data. And here I am so backwards that I didn't even know cameras could do that. Or maybe the "rogue engineer" wrote some software that gave him the authority to install wardriving gear in the cars, eh?
Sound very plausible. Well, maybe not...
http://www.huffingtonpost.com/eric-k-clemons/google-privacy-case_b_1522874.html?ref=google :
"Whether or not the harm of Google's Wi-Spy abuses is comparable with their magnitude, I would like to suggest that Google's privacy practices can no longer be considered acceptable.
* If a rogue Chinese official collected this much information on American citizens, even without authorization within the Chinese Government, we would be outraged
* If a rogue CIA or FBI agent collected this much information on American citizens, even without authorization from appropriate authorities with the Federal Government, we would once again be outraged.
And yet we now know that Google's Wi-Spy scandal was not the work of a rogue employee, but had been cleared and was intentional." (This is a very worthwhile article, and goes far beyond this one particular scandal. The article's assertion that this was intentional links to the following:)
http://www.nytimes.com/2012/05/01/technology/engineer-in-googles-street-view-is-identified.html?_r=2&pagewanted=all :
"Engineer in Google Case Is Identified:
"Google long maintained that the engineer was solely responsible for this aspect of the project, which resulted in official investigations, some still unresolved, in more than a dozen countries. But a complete version of the F.C.C.’s report, released by Google on Saturday, has cast doubt on that explanation, saying that the engineer informed at least one superior and that seven engineers who worked on the code were all in a position to know what was going on.
The F.C.C. report also had Engineer Doe spelling out his intentions quite clearly in his initial proposal. Managers of the Street View project said they never read it. "
Never read it. And they think that, even if it were true, it absolves them of responsibility? I guess they do.
On the other hand, some people think that he was hired precisely for his experience in writing wardriving software.
Google were driving round collecting packets from people's wi-fi, but the odds are that they would be one or two packets from each access point, and the primary purpose of this was for their location data - in other words using your MAC address to identify where you are. You may or may not be okay with this - personally, I'm not greatly happy about Google being able to determine my location by the MAC address of my routing hardware.
Okay, Google were naughty to be colelcting and storing more information than they strictly needed for this task, but the odds are that there isn't much else they could use this for, they deserve a slap on the wrist for it, and not much more.
What DOES concern me is that there are enough people out there using unecrypted wi-fi that Google could intercept their emails whilst driving by. These people are in serious need of some education - if someone relatively benign* as Google can intercept their wi-fi whilst driving past, ANYONE could be doing the same without detection, be it their neighbours, someone in the park opposite, or someone parked outside in that suspicious white van.
If you're using wi-fi, you are broadcasting information - in my opinion, picking up that broadcast isn't 'interception' any more than watching TV is. If you can't be arsed to figure out how to encrypt your wi-fi, use a wire.
* Relative is a relative term, as it were.
For falsely hyping up the severity of this.
Firstly, you would have to be stupid enough to have your wifi unsecured.
Secondly, you would have to be transmitting data at the exact moment the Streetview car was in your area.
Thirdly, you would have to be sending data over a unsecured non-SSL connection.
Fourthly, Google would have to packet analyze that data and turn it into something useful.
The number of people affected: 0
The amount of times I have seen it reported in the press that "Google could surf your home computer's hard drive during streetview slup" is beyond belief. How stupid are the tech writers?
This news gets the Shitpeas "Storm in a teacup" award for sensationalist press reporting.
A UK inquiry should be held to determine whether Google knew that its Street View cars were collecting personal data over unsecure Wi-Fi networks for use in other projects
No, what the public needs to do is decide what is acceptable, and what isn't.. We already know what problems this stuff can cause. A zillion arguments for why it isn't encrypted, the reality is some people are going to run open if they can. So what do you want to do about it? Allow it? Outlaw it? Outlaw snooping on it? Allow snooping on it? That's all that needs to be discussed. No need for "inquiry" which won't get shit done.
is the greatest danger to privacy in the UK and definitely requires an inquiry. Why worry about such minor facts that the UK was estimated over a year ago (http://www.guardian.co.uk/uk/2011/mar/02/cctv-cameras-watching-surveillance) to have at least 1.85 million CCTV cameras, i e, one for every 32 persons residing in the country, when attention can be distracted by pointing to Google's excesses ? The number of cameras in the London Underground alone was said to be as many 11000. But by all means, do get exercised about Google's Street View - after all. the price of liberty is said to be eternal vigilance and under just which cup is that little pea ?...
Henri
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
