Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google and NSA Teaming Up

Posted by samzenpus on from the meet-my-big-brother dept.

i_frame writes "The Washington Post reports that 'Under an agreement that is still being finalized, the National Security Agency would help Google analyze a major corporate espionage attack that the firm said originated in China and targeted its computer networks, according to cybersecurity experts familiar with the matter. The objective is to better defend Google — and its users — from future attack.'"

27 of 125 comments (clear)

  1. Conversation between Google and NSA by elrous0 · · Score: 5, Funny

    NSA: We need complete access to your gmail system.

    Google: Alright! This is to help us with the recent China break-in, right?

    NSA: Um, sure...

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
    1. Re:Conversation between Google and NSA by biryokumaru · · Score: 3, Insightful

      Nah, they prolly just left Google a post-it note.

      --
      When you're afraid to download music illegally in your own home, then the terrorists have won!
    2. Re:Conversation between Google and NSA by Anonymous Coward · · Score: 3, Funny

      Pfft, I have long held that Google is just a front company for the NSA. Now it seems they are comfortable taking that relationship to the next level, out of the closet so to speak. (Adjusts his tin foil hat and returns to his regular viewing)

    3. Re:Conversation between Google and NSA by JWSmythe · · Score: 5, Funny

          They running Windows on their desktops, the NSA already had access.

      --
      Serious? Seriousness is well above my pay grade.
    4. Re:Conversation between Google and NSA by vxice · · Score: 3, Informative

      "The sources said the deal does not mean the NSA will be viewing users' searches or e-mail accounts or that Google will be sharing proprietary data. " RTFA, some people do take privacy seriously.

      --
      every anarchist is a baffled dictator. Benito_Mussolini
    5. Re:Conversation between Google and NSA by elrous0 · · Score: 5, Insightful

      Are those the same sources that used to say the NSA doesn't tap domestic phone calls--before a whistleblower outed them for doing exactly that?

      --
      SJW: Someone who has run out of real oppression, and has to fake it.
    6. Re:Conversation between Google and NSA by bberens · · Score: 3, Interesting

      Conspiracy theory #1: Google wouldn't let the NSA in (as much as NSA wanted). NSA makes it look like someone in China hacked Google. NSA comes to the rescue in exchange for protection money.

      --
      Check out my lame java blog at www.javachopshop.com
    7. Re:Conversation between Google and NSA by AliasMarlowe · · Score: 4, Informative

      You could google on _NSAKEY or NSA_KEY or NSAKEY and find what some security researchers in Europe discovered and published. For instance http://www.heise.de/tp/r4/artikel/5/5263/1.html
      A Microsoft officer offered to explain the presence of NSA_KEY, and indeed gave a partial clarification. Microsoft then declined to answer the follow-up questions which were asked, and refused to explain why they were not answering. http://cryptome.org/nsakey-ms-dc.htm
      Read into this whatever you like - innocent, tinfoil hat, or otherwise. Here's the wikipedia story about it; feel free to vandalize^W improve it with your comprehensive knowledge. http://en.wikipedia.org/wiki/NSAKEY

      --
      Those who can make you believe absurdities can make you commit atrocities. - Voltaire
  2. joint-venture by muckracer · · Score: 5, Funny

    As part of the agreement a new slogan to be used jointly by both Google and the NSA has been implemented:

    "No Such Evil" ...

    1. Re:joint-venture by derGoldstein · · Score: 3, Funny

      I thought it'd be:
      "Google/NSA: Your privacy is in good hands, with us."
      or
      "Google/NSA: Organizing the world's information; and more*."
      or
      "Google/NSA: Collaboration has a new meaning."

      --
      Entomologically speaking, the spider is not a bug, it's a feature.
  3. Defend its users? by sakdoctor · · Score: 4, Informative

    I can defend myself perfectly well, by using the correct tool for the job:

    Self hosted mail server: Business, personal, anarchism.
    Gmail: Fwding Lolcats.

    1. Re:Defend its users? by Lord+Ender · · Score: 4, Interesting

      Cloud computing has interesting security implications.

      The IT security team protecting Gmail are better at security than the team protecting your average datacenter, and they are FAR better at security than your average small business or home user "IT security team."

      But on the other hand, far more attackers are going to try far harder to get into gmail than to get into your small business mail server.

      So how do these factors balance out? On the whole, I think medium-to-large businesses with dedicated IT security staff will provide better security than you would get by cloudsourced IT; but the small businesses with no dedicated IT security staff really would be better off, from a security perspective, sending their IT systems to "the cloud."

      --
      A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
  4. Really it means... by Cornwallis · · Score: 3, Insightful

    The objective is to better defend Google — and its users — from future attack.

    The objective is to better defend Google — and its users — from future attack by someone other than NSA and...

    1. Re:Really it means... by horza · · Score: 5, Funny

      It makes sense. I am having a professional burglar come around tomorrow to check my locks. I told him not to come around tonight as I won't be in.

      Phillip.

      --
      Property for sale in Nice, France
    2. Re:Really it means... by MadKeithV · · Score: 4, Funny

      I prefer parallel bowls myself.

  5. Shocked. Shocked, I Tell You. by RobotRunAmok · · Score: 4, Funny

    If anyone thinks this is the first collaboration between Google and the NSA, I've got a wall in China I want to sell you.

  6. post chinese leaders' emails by peter303 · · Score: 3, Interesting

    The Chinese people would love to hear about their bribes and mistresses. The NSA must have these if they exist.

  7. Re:IDK... by Zen+Hash · · Score: 4, Insightful

    The NSA has probably captured additional communications related to the attack, aside from what went through Google's network. I'd imagine they generally have far more extensive resources and experience than Google, when it comes to capturing/analyzing communications.

    --
    Here I sit, all broken hearted.
    Came to poop, but only farted.
  8. Re:IDK... by el_tedward · · Score: 4, Insightful

    Google probably knows more than NSA when it comes to things like search, but when it comes to breaking into a computer that doesn't belong to you, you're not going to find anyone much more knowledgeable than the NSA.

  9. Different Experts , but also deniability by gnieboer · · Score: 5, Interesting

    I've said it before, but if Google's investigation points to Chinese government IPs, they must tread on careful ground because they have employees in China that could go to gulag if Google gets too curious.

    Involving the NSA allows them a certain level of deniability/immunity, and let's face it, the NSA probably has been tracking Chinese Gov't IP's a lot longer than anyone, so I think it's not a question of 'better' experts, it more a question of experts experienced in doing what Google wants.

    I still believe that Google is still holding cards to their chest. I mean, how many other corporate hacks have occurred where the corporation has publicly requested the assistance of the NSA?? I'm not aware of any (though I'm sure someone will post a link showing how little I know!). So I think Google already has very good evidence that the Chinese Gov't was behind it, but is afraid to make that information public.

  10. Google can Read Your Mind... by netsharc · · Score: 4, Interesting

    Google has always been able to use the things people are looking up for evil: if someone using Apple's IP googles a particular microchip's specs, you might infer from that that they might be thinking of using that chip soon.

    How about a Chinese IP googling "openssl 0.9.6 exploit".. especially if that IP was just visiting www.$SOMESITE.gov, where the HTTP-headers mention it's using "openssl-0.9.6". Or a Saudi Arabian IP googling for flight info inside the US, and a few seconds later, a Yemeni IP opening up the same URL (hmm, although without that site's cooperation, the NSA won't be able to see that, or are they..?)

    Such powers would be interesting, for the wielder. Not so much for victims of its inevitable abuse.

    --
    What time is it/will be over there? Check with my iPhone app!
  11. No evil by McGiraf · · Score: 4, Funny

    Do no evil, with a little help from Satan.

  12. Anonymous Coward Trolls by happy_place · · Score: 3, Insightful

    Funny how this topic breeds anonymous coward trolls, and isn't it strangely coincidental that they're all of the same meme. Google is evil. US Government is a bad guy. China is a victim.

    I'm sure it's only a coincidence.

    --
    http://www.beanleafpress.com
  13. Re:Here's an oldie... by blackest_k · · Score: 4, Informative

    may i recommend detiny url expander a small add on for firefox https://addons.mozilla.org/en-US/firefox/addon/13140

    which expands the above link to http://web.archive.org/web/20001202200100/http://---www.goatse.cx/ (If you really want to click it you will have to go to the parent post)

    --
    Blarney Quality Restaurant, Plants
  14. Security is NOT an issue with The Cloud. by Anonymous Coward · · Score: 5, Funny

    Wait a minute. I'm a manager, and I've been reading a lot of case studies and watching a lot of webcasts about The Cloud. Based on all of this glorious marketing literature, I, as a manager, have absolutely no reason to doubt the safety of any data put in The Cloud.

    The case studies all use words like "secure", "MD5", "RSS feeds" and "encryption" to describe the security of The Cloud. I don't know about you, but that sounds damn secure to me! Some Clouds even use SSL and HTTP. That's rock solid in my book.

    And don't forget that you have to use Web Services to access The Cloud. Nothing is more secure than SOA and Web Services, with the exception of perhaps SaaS. But I think that Cloud Services 2.0 will combine the tiers into an MVC-compliant stack that uses SaaS to increase the security and partitioning of the data.

    My main concern isn't with the security of The Cloud, but rather with getting my Indian team to learn all about it so we can deploy some first-generation The Cloud applications and Web Services to provide the ultimate platform upon which we can layer our business intelligence and reporting, because there are still a few verticals that we need to leverage before we can move to The Cloud 2.0.

    1. Re:Security is NOT an issue with The Cloud. by Lord+Ender · · Score: 4, Funny

      Oh come on! You can't just throw terminology around like that without metrics to back it up! What does Gartner have to say about it? What magic quadrant is it in?

      --
      A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
  15. Re:Here's an oldie... by biryokumaru · · Score: 3, Informative

    I recommend ChromeMUSE for us Chrome folk.

    --
    When you're afraid to download music illegally in your own home, then the terrorists have won!