Here's something I would never have said 10 years ago but...
… I am realising that I trust Microsoft FAR more than I would ever trust Google with my data.
I hope the feckers get taken for every single last penny they own and then some.
A request by Google to throw out a lawsuit that alleges the company violated US federal wiretap law has been rejected by a judge in San Francisco. This means Google can be sued for its Street View vehicles' Wi-Fi data slurp, reports The Wall Street Journal. Plaintiffs from a number of states in the US are seeking class-action …
This would be the same Microsoft who "protect consumers’ information" who have admitted that they will not protect non US citizens data from the US Government:
"Managing Director of Microsoft UK fielded a question about whether Microsoft could guarantee that data stored in the European Union would stay in the EU, even if it was requested by the U.S. government under the Patriot Act. Whittaker said Microsoft could not make that guarantee."
""Any data which is housed, stored or processed by a company, which is a U.S. based company or is wholly owned by a U.S. parent company, is vulnerable to interception and inspection by U.S. authorities,"
And what data was Windows delivering when it "phoned home"? Emails and passwords? There is NO comparison between Windows "phoning home" vs Google stealing your passwords, emails, and whatever other data it can get is filthy mitts on.
But still, nice to see that for some people, bashing Microsoft *still* takes priority over every single act of civil and criminal malfeasance that occurs in the IT and computer industries.
Nope, just showing up their PR stunt for what it is. MS, Google, Facebook ect are not advocates for consumer privacy, no matter what the PR wonks may claim. Their business model (wholly or partially) depends on "invading your privacy" and targeting you.
And how can Google "steal" what people are giving away for free?
My question was "And what data was Windows delivering when it 'phoned home'? Emails and passwords? "
Bringing up Facebook is NOT an answer. It's an evasion.
And "unsecured wifi network" is NOT synonymous with "available for public use". It is no different from saying that anyone who fails to lock their door is giving permission to any passer-by to come in and remove all their possessions..
For anyone who is concerned about privacy, Reid Kuhn's blog post is hardly a "PR stunt": it is something well worth thinking about.
From around 2006 it was a daily spurt of data back to Redmond on a per-boot/daily basis (later changed to bi-weekly). What data was sent? IP address, machine manufacturer, locale etc. Enought to be uniquely identifiable. The WGA was sometimes installed without consent, could download extra software and morph its own behaviour; this led many to label WGA as "spyware at the time.
"It is no different from saying that anyone who fails to lock their door is giving permission to any passer-by to come in and remove all their possessions.."
That's theft. However a stranger walking through said door is would hardly a surprise would it? And depending on where you live it wouldn't even constitute trespass. The stranger having to kick the door down is a different matter. IRL analogies rarely work, but congrats for not picking a car analogy!
Reid Kuhn's (any relation to Bradley?) is interesting, but that does not stop it being a PR stunt, not does it exonerate MS from past or future actions and people should not trust them. Nor Google, nor...
"IP address, machine manufacturer, locale etc. Enought to be uniquely identifiable." And you think that hashes of hardware strings are more "personal" than emails, passwords, and whatever communications and data packets Google intercepts? You're free to think so, for whatever reasons you have for thinking so. As for the WGA, that STILL is not akin in any way to Google's data theft.
"That's theft. However a stranger walking through said door is would hardly a surprise would it?"
An irrelevant point.
"And depending on where you live it wouldn't even constitute trespass."
And in certain places it would constitute trespass. So your point is again irrelevant.
"The stranger having to kick the door down is a different matter."
Another irrelevancy. You are on a hot streak!
And incidentally, there are judges in various jurisdiction and government and law enforcement officials in various countries who think that Google's data theft *is* a serious matter. If you want an example, just read the original article again. YOU might think that you can obfuscate matters by bashing Microsoft, but I would be more than a little surprised if all the judges, government officials, and law enforcement officers would find your points to be anything other than... irrelevant.
"And you think that hashes of hardware strings are more "personal" than emails, passwords, and whatever communications and data packets Google intercepts?"
Where did I ever say that? Where? Kindly keep your straw men to yourself.
" "That's theft. However a stranger walking through said door is would hardly a surprise would it?"
An irrelevant point."
Nup, that's exactly the point - as far as you analogy goes anyway.
" "The stranger having to kick the door down is a different matter."
Another irrelevancy. You are on a hot streak!"
It is also relevant. Theft is theft, we can agree on that I hope. Kicking down the door is akin hacking the WiFi crypto. Walking through the open door is simply listening to what gets blasted into the air. No more. Although I repeat, IRL analogies rarely work.
"there are judges in various jurisdiction and government and law enforcement officials in various countries who think that Google's data theft *is* a serious matter."
I never said it wasn't, but I don't think it's theft and I would not class it as intercept because*the data was not encrypted and was sent into a public space*. I said below that does raise very interesting issues that society and the law need to address.
The whole *POINT* I was trying to make was that MS are using this as an excuse for a PR stunt to try and paint themselves in glory "we place a priority on privacy". But they have a past history of invading privacy and cannot be trusted. And to make the point clear, one cannot trust Google either!
What you are doing by bashing Microsoft is a classic, and transparent, example of misdirection. There are law enforcement officers and government officials who think that Google's behaviour warrants investigation, and *your* response to this is to bring up irrelevant actions by Microsoft. Moreover, your examples of Microsoft's "invasions of privacy" - hardware hashes and the manufacturer of the computer - are pretty flimsy compared to what Google is doing: stealing emails, passwords, and whatever data they can capture. Compared to Google, Microsoft is positively *angelic*.
But please, if YOU want to adore a company whose single overriding ambition is to "serve the perfect ad" then you just go ahead and adore them. I will not bother to tell you that there are people, quite different from you, who find such a goal, and the company that entertains it, to be profoundly contemptible - and would find them to be so even if they were not engaging in all the rest of what they do, such as wifi data-theft.
I didn't bring them up, the OP introduced MS.
And I will repeat once again, in the futile hope that you finally get it: the information was blasted into the air. These folks may as well have gone into the street and yelled their orders to Amazon at the top of their voices.
Do I trust Google? No.
Do I think Google is a pure as the driven snow? No. I think they way they caved into China was repugnant.
Will I let MS off the hook for their past misdeeds? No.
And will you stop with the straw men? I have never said I liked (or even adored) Google. In fact I have repeatedly stated that I do not trust them. Stop reading what you think my opinion is and start reading what it actually is.
There was no theft - you CANNOT steal what is FREELY GIVEN AWAY.
ah deary, thats a terrible analogy, wifi and doors.
try this, you were stark naked on your balcony in public view and complained when someone took a photo of you. You don't know what they intend on doing with the photo, and so far they haven't published it.
you're upset they have a photo of you naked, and although they shouldn't of taken a photo - as the moral ground of your argument, you were there for all and sundry to see. any passer by with a set of eyes could of observed you, and seen what you were doing and all you had on display. you couldn't prove they don't have a photographic memory and will be forever scarred by what they saw, either.
now if the person with the photo used to to build a database of where you are based on how many, what type and so on naked people they can see, then they have used their photo to determine that, and built a database without releasing the photo or the details of your nether regions.
now explain to me how broadcasting in the clear, anything, is somehow not public domain? is it simply because you can't see it with your eyes, it must be private, and therefore its snooping to receive said transmission? the fact that google dumped the raw data, akin to taking a photo instead of recording the specifics, doesn't amount to a whole lot, if you ask me.
if they released the usernames/passwords/details they collected then yea, that shows malice. but collecting something you where transmitting and using the summary data, hardly an issue.
I think you'd see the problem rather differently if the human body had an input that could handle the wifi data, you might grasp broadcasting doesn't mean soliciting and you can't be entitled to privacy if you're forcing people to 'close their eyes'/turn off their wifi as they walk past because you're too lazy to 'put on clothes'/use wpav2 as my analogy fits.
I wonder when the ICO and UK Prosecutors will get round to nailing Google.
Oh, silly me, just like BT & Phorm, there is no case to answer....
How stupid of me, I'll get back in my box and keep peddling.
Have I missed something here or do businesses exist to serve people and abide by the law or do people exist to allow businesses to do what they fnkng well like?
BT we providing a service to their customers, so there was an actual relationship there. BT deserve a serious kicking for Phorm.
If Google had been providing such a service (or mined this data and linked it back to a users GMail/search account) *then* they'd deserve a similar kicking.
Of course, if Google have done that; kick away!
Google captured the network data. No question.
Google /could/ mine, index and cross-reference that data.
Google /could/ release that data and someone else /could/ do the mining etc.
This all /could/ lead to a massive loss of privacy.
I get that, I really do. And it raises many questions about how society and the law deal with such things.
Is it really (really, really) a criminal offence to do little more than record what people are publicly blasting into the air? If I record on a dictaphone what someone in a public place is shouting, have I now broken some law? If someone put personal information on a billboard, are you guilty of a crime just for looking? These people are *giving* their information away.
Is Google the whipping-boy? I'm not so sure. Is it a PR disaster? Oh my yes. Should they have done it? I don't think so. Was it malicious or with bad intent? Probably not - I'm going with cock-up.
If YOU d not secure YOUR data on YOUR network, don't be too surprised when it goes AWOL.
I pretty much agree with all of your post and only marginally disagree with the "people are giving their information away" bit.
Here's my analogy: I could leave my (nice) car parked on the street, unlocked, windows down, keys in the ignition, etc. For all intents and purposes I'm practically "asking for it to get taken," but it would still be considered theft if you drove it to your home (without asking). Everybody might rightfully label me a dumb @$$, but my car would still have been classified as stolen.
In my opinion there is really no difference here. E-mails and other digital content, while inherently insecure (like leaving your car unsecured), are still generally intended to be private by the author. Yes, data transmitted to/from an unencrypted WAP is inherritenly insecure and it is patently dumb to think you data won't get stolen. However, that doesn't change the illegallity of taking that data without permission.
"Do no evil" Malarky...
Paris because she hasn't gotten much play recently.
Oh know! Car analogy! But yes I agree, that is theft. What would not be a crime would be someone opening the door, having a wee seat, and then leaving the car unharmed. Heck, they could even rummage through your glove box. As I said to Turtle, IRL example rarely translate.
No data was taken, that's where it IRL analogies break down. The "in the clear" transmission was merely listened to. I, to this day, do not conduct certain transaction via web/email because of that exact risk. I do them IRL to ensure security.
And I'll reiterate in case people think I'm some fanboi, I wouldn't trust Google to boil an egg!
and counseling too . . . and a chocolate biscuit . . . and a nap.
Gimme a break, the whole argument is stupid - Google did much the same and anyone with Wireshark and a laptop can do - WIGLE.NET users upload AP names daily and nobody gives a rats ass.
If it's not encrypted then it's not private - and even it if is encrypted, you'd be a fool to assume that it's private.
QUIT WHINING YOU BUNCH OF BABIES!
The unlocked front door/car door analogies miss the point.
Google did not enter anybody's private property to obtain the slurped data. They were in a public placeand got what they could. If the householder had secured the signals they were emitting Google would have got less.
Similarly, if Google had their cameras at normal head height in the street and took a picture through your window of you changing your underwear you may object but you were carrying out your shreddy-swap in plain sight.
You *could* have have closed the curtains but you didn't. Joe Bloggs *could* have configured WPA2 but he didn't.
It has already been ruled that if it can be seen by 'normal' viewing from a public place it can be photographed/recorded. Why should wireless transmissions be treated differently from photons?
If you don't secure your wifi and my mobile device connects to it, I'm going to use it. If I don't secure my wifi and someone else connects to it, I accept that they are going to use it.
Use it meaning, use for intended purpose, not attempting to countermine the security to access a network other than that granted by default as the *open* access. IE - route to the internet.
The trespasser in your home analogy does not work because that is real (physical), private property. Your wifi signal is extending beyond your property. I do not grant you the right to be on my property to use my wifi but you can use it while you aren't on my property.
Further, to whatever extent my wifi signal exceeds the boundaries of my property I concede responsibility to not have it interfere with someone else's fair use of that radio spectrum, but it's an afterthought since the FCC in the US regulates such things.
A better analogy would be that if you are standing in public singing, or even on your private property, you can't demand that everyone not on your property cover their ears so they can't hear you.
"Microsoft, Apple and others are just as interested as Google are in your private information."
While that may be true, the *fact* of the matter is that no one has gone nearly as far as Google in getting that information. That's a pretty significant point and one that is worth keeping in mind.
"and wasn't there some hoo-hah a few years ago about "phone home" features in Windows? A
spy-on-your desk is a lot worse than a time-limited data slurp IMHO."
Google steals emails and passwords, and YOU seem to think that Windows sending a hash of hardware strings and "IP address, machine manufacturer, locale etc" is more invasive. To say that this means that Microsoft put a "spy-on-your-desktop" is highly disingenous, especially when comparing it to Google's electronic surveillance. But maybe you actually believe it.
And there is a reason why this was a "time-limited data slurp' and the reason was, because THEY GOT CAUGHT. Otherwise, it would have been "time-limited" only in the sense that the duration of their data-slurp would have been limited to the duration of Google's existence.
And you seem to think that the fact that this data was stolen on unsecured networks exonerates Google from all responsibility. Somehow, Google's lawyers *forgot* to mention this to the judge, or the judge was so ignorant of the law that he did not even know, that data on an unsecured wifi network can be intercepted by anyone who is inclined to do so, and that, therefore, Google's actions are not illegal in any way.
Or maybe some of the people who are still making excuses for Google need to get a "clue" and realize that if the judge allowed the suit to proceed, and if Google's lawyers did not attempt to quash the suit by pointing out that the data was freely interceptable because the network was not secured, then maybe, just maybe, both the judge and Google's lawyers know better than you. I, personally, will assume that Goggle's lawyers haven't used this "defense" because they know it is an admission of guilt that provides no defense.
And all of this still does not make Reid Kuhn's blog post a "PR stunt"...unless of course you are predisposed to excuse Google and bash Microsoft (as you seem to be). That Google intercepts data and Microsoft doesn't is *not* the sort of insignificant detail that you want people to think it is.
And for anyone who *actually* cares about privacy, Google's actions must be judged as far more pernicious than anything that Microsoft has *ever* done... including, as you yourself noted, Microsoft's (rather extravagantly named by you) "spy-on-your-desktop" "phoning home" with "IP address, machine manufacturer, locale etc" - rather bland bits of information, compared to what might be in your emails, for example.
But you are determined not to see this.
Biting the hand that feeds IT © 1998–2019