We really aren't evil afterall
Google will shelter charities and activists from distributed denial-of-service attacks by wrapping their websites in its protection technologies. The advertising giant announced its Project Shield initiative on Monday, and said it wanted to "protect free expression online." "Project Shield is a service that currently combines …
We really aren't evil afterall
Not content with pwning the world's commercial metadata, Google, and, by proxy, the NSA et al, want to be able to track consumption of independent news data and private personal concerns and support for charities.
Whatever happened to that old fashioned idea of the internet being a place where ideas could be stated freely and content consumed privately?
I'm not so concerned about the NSA's present use of the data (although absolute power corrupts absolutely), but Google do business globally and are bound by local laws in each country. How long do you think it will take various governments around the world to realise that Google's log records for connections from their country would be very useful in identifying and tracking "dissidents"? Google then becomes a one stop shop for all a totalitarian government's big data needs (email, search history, web usage ...).
What's that internet truism "if it's free to use then you aren't the customer." Sounds applicable here.
I think you're missing the point here.
Google wants to compete at PaaS with AWS and are testing and advertising a key product differentiator.
The problem is that they're doing it with an altruistic spin to vulnerable groups. The danger is that this "Give us all your information on your (social) networks and funding and logistics because you can trust us, honest!" is a classic first step. The next step is to change the laws on what is and is not allowed. And at that point your vulnerable human rights, freedom of expression, minority, etc groups are hung and dried. It has happened time and again in countries around the world. In the real world that is, not the digital one, that is what is new about this. Normally it's the government that has to do that data gathering first step, but this way round Google save them the bother.
If they really are altruistic they would give the money to some independent non-commercial trust/charity/foundation/whatever-they-do-in-the-USA which has no financial motive to kowtow to abusive governments. Google would promise to support them financially, but allow the trust/charity to adminster all the technical details in a way that does not expose these groups to dangers they probably don't properly understand. It would be interesting to hear what EFF and even Amnesty have to say on the subject.
If they're in it for the money and they don't give a stuff about their users' physical security then they should be clearer. If it really is a drive for a commercial PaaS differentiator then they should not be targetting the groups they are targetting with the offer, certainly not without strong assurances about the potential weaknesses of such a system.
Google are not necessarily complicit in some nefarious government plan, but by centralising so much information in a commercial enterprise where the bottom line rules everything it seems that they are at the least naively opening up an easy way for abusive governments to try to control their own people. Do no evil?
How are Distributed Denial of Service attacks facilitated in the first place?
CloudFlare offers a free DDoS mitigation service that, Prince says, "provides at least equivalent DDoS protection to what Google is offering."
CloudFlare has one big competitive advantage over its DDoS-mitigation rivals that significantly boosts its desirability in some markets: It is spam-friendly and willing to host DDoS-proof spam sites for large-scale spammers.
Past and present Cloudflare customers like spamvertised "make money fast" Ponzi scheme site oriscashsystem and carding and malware forums like Cpro can attest to CloudFlare's technical proficiency, DDoS mitigation, and willingness to turn a blind eye to abuse. This will, as the market for DDoS mitigation becomes increasingly competitive, no doubt give Cloudflare a significant marketable edge.
There is only one relevant question to me, is Cloudfare under the NSA (or its GCHQ vassal) too?
Mind you, I suppose spammers don't care.
Cloudflare has ten data centers in the US and is incorporated as a US corporation. It's headquartered in San Francisco, CA. Does that answer your question?
It would be really terrible if the NSA could see what was on your public website?
I think Google has a better track record than some on respect for free expression, but I worry that they will find some kind of goofy ad-ridden way to monetize the supporter/sympathizer base of these NGOs that will be hoovered up into the Google cloud.
(P.S.--Project Shield? A PM named Matthew Prince? I'm half expecting some kind of Nick Fury references to pop up)
Nice offer, but gives the NSA total access if you're foreign, since the NSA needs no warrant to see all the data of a non-US entity or non-US vistor to a US-based website.
Google, Apple, Microsoft, Yahoo, to a foreigner even remotely curious, let alone interested in, political activism they are all the NSA.
If Google really truly wants to do this, they should set up a charity in a country that respects human rights for all humans, not just its own citizens and residents.
The charity could only have and use facilities in countries that recognize human rights for all humans.
The FISA courts have ruled Yahoo and thus Google are barred by law from extending human rights to non-US citizens.
they should set up a charity in a country that respects human rights for all humans
Where is this amazing place?
"Where is this amazing place?"
Proxima Centauri perhaps?
Of the Centauri Republic? I think not!
What a stupid argument. It's like lambasting a billionaire who gives 10% of his fortune away.
Can this work in reverse to shield the world from unmaintained Google servers? Google Groups has been serving a prolific spammer from Chinanet-FJ for 8+ years now. See https://groups.google.com/d/msg/rec.sport.disc/aSXOr2Pna1g/3Ev8xKes3LYJ or just search Usenet for "Nike". Oh right, Google doesn't really want to stop attacks. They want to consume all of your data.
soon all your base are belong to us Google...
For all we know Google could be selling a rock that keeps DDoS attacks away.
Had a denial of service attack? No? The rock must be working then!
Biting the hand that feeds IT © 1998–2017