Slashdot Mirror
Google Tells Congress It Disclosed Wi-Fi Sniffing
theodp writes "While conceding 'it is clear there should have been greater transparency about the collection of this [Wi-Fi] data,' Google asserted 'we have provided public descriptions of our location-based services' in its written response to Congress (PDF) about whether the public had been adequately informed of its data collection efforts. To prove its point, Google's how-many-times-do-we-have-to-tell-you answer included a link to a blog entry on My Location on the desktop, an odd choice considering that Google is still less-than-clear about exactly what's being captured by the service ('When My Location is active, Toolbar will automatically send local network information (including, but not limited to, visible WiFi access points)'). Congress might also want to evaluate the transparency of this cute Google video, which assured the public of Street View's privacy safeguards, but gave no hint of the controversial Wi-Fi collection."
A major corporation fibs to the government about their shady acts? Say it isn't so! We all knew this was going to be how it went down from the time the Wi-fi sniffing was first announced. There's no surprise here. There really isn't much more to say about it. We've covered the shadiness of the whole thing at length in other stories, and it's really barely news at all that Google is trying to snow Congress about it...
just incompetent.
"National Security is the chief cause of national insecurity." - Celine's First Law
Google is sort of a news provider now. Why don't they just hide Street View behind the 1st Amendment?
The Admin and the Engineer
There's another, as-yet unpublished Google patent filing that discusses the use of a 'mobile device data collection module' to 'collect data on a set of mobile devices which are using [a] wireless base station', including GPS location information, time information, and 'application specific data, such as, map requests, etc.' The listed 'inventors' include a Google Latitude Product Manager.
The article says Google has been "less than clear", but that just for people who don't understand the technology. Exactly what data Google collects, and how they use it, is obvious for anybody who understands the technology. A good explanation of that technology is here:
http://erratasec.blogspot.com/2010/05/technical-details-of-street-view-wifi.html
This is just another example of people being scared of "witchcraft". In this case, so many people (even Slashdot readers) don't understand WiFi technology, so the witchhunt is more persistent.
Google's how-many-times-do-we-have-to-tell-you answer...
Most savvy corporations know the phrase "Do not taunt Happy Fun Congress!".
Really, people. Does Congress really not have anything more important happening? Than fighting off a big evil corporation committing such hideous acts of betrayal? I'm not defending Google. I would gladly move to a magical land where companies treat people decently. Yes, I think that we should do what we can to make this planet better. I just don't see the reward for Congress to even bother with this.
Look, either Google gets to do its thing or it will take the search engine away and THEN where will we be? Huh?
So Google figures out that it doesn't need to pay Skyhook for WiFi information anymore if it has its own database - and building its own database is fairly simple from the Google Street View vans. This saves them money, allows them to do better advertising and charge advertisers more. What possibly would there be to complain about, anyway?
It's not that you were actually using this information for something, now was it? So what do you care if someone else makes money off it? Or at least saves money. Besides, it isn't like Skyhook didn't do exactly the same thing to build their database - or didn't you think of that?
One of the rules of the Internet seems to be that whoever is the most daring and audacious gets the prize. If you can figure out how to make money off something - no matter how incredibly invasive or annoying it might be - then the first one to do it wins. You mean you didn't think it was worth taking pictures through people's windows all over the world? Well, see - Google did it and won, you lost. The idea that you might not want everyone all over the planet to have access to a photo of your front door and whatever you have in your windows isn't really relevant to the discussion. You gave your permission when you didn't shoot the tires out on the van as a trespasser. And today, there are no neighborhoods that would decide to "take action" - nobody knows their neighbors well enough to join them in doing anything.
It's naive to think that only Google can collect your wifi info. People are probably doing so in your town already. Check out sites like this one. My ESSID appears listed there in each of the places I've rented over the last 4 years or so.
Is that a problem? I don't think so. Secure your network if you're concerned about it.
This is not "shady." I operate an open wifi hub myself and I live in town. One neighbor is almost always connected via his iphone. What neighbor? I haven't a clue - that's the whole point of providing anonymous and free bandwidth to my community. I hope that person is using it to save money on their phone bill cuz, as a homeowner, the better off my neighbor is the better off I am.
People are not idiots. When it is called "wifi" and "wireless" and you can network comupters without wires, anyone who understands technology of the last century knows it's using radio. They may choose to remain ignorant to the details, but it's simple common sense that when I am using "radio" others can hear shit I say unless I do something about it. The government and the media powerhouses have done their part in making the public scared enough of this technology that most now attempt to lock them down using wep, again demonstrating that most have a basic understanding of the technology.
Making shit public and then bitching about someone for using the information YOU CHOSE TO MAKE PUBLIC is a synthetic dismissal of responsibility (or...ummmm.. just a lie). The only thing Google is guilty of here is having enough money and resources to gather this data on a larger scale than I and my neighbor are capable of.
Since the W3C spec editor is a Google employee (see below), calling "witchcraft" on the W3C is essentially the same as calling "witchcraft" on Google, no? :-)
Geolocation API Specification
W3C Working Draft 07 July 2009
This Version:
http://www.w3.org/TR/2009/WD-geolocation-API-20090707/
Latest Published Version:
http://www.w3.org/TR/geolocation-API/
Latest Editor's Draft:
http://dev.w3.org/geo/api/spec-source.html
Previous version:
http://www.w3.org/TR/2008/WD-geolocation-API-20081222/
Editor:
Andrei Popescu, Google, Inc
I'm sorry, you were saying something?
"Now I am become Death, the destroyer of worlds"
disregard that, wrong parent.
"Now I am become Death, the destroyer of worlds"
Fine, their "allegedly shady" acts. My point still stands. Nobody expected them to walk up to Congress and say "yeah, we totally grabbed all this wifi data that people didn't know we were taking." I'm not even making any statements about the morality or legality of Google's actions. I'm just saying, the content of TFS is in no way surprising.
FWIW, I metamodded you up, so don't take this in any way personally.
"Google Tells Congress It Disclosed Wi-Fi Sniffing" (original)
versus/vs.
"Google Tells Congress Its Disclosed Wi-Fi Sniffing" (read it as this)
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
I have one question, though: exactly how much privacy do people expect, given that what Google collected was what those people were broadcasting in the clear to the world at large? It's the equivalent of Google listening to what people are saying sitting at the corner coffee shop. Face it, when you're talking in public with strangers standing right next to you listening, you don't expect what you say to go unheard. So, why do you expect what you're broadcasting with the moral equivalent of a bullhorn to remain private? You want it private? Either don't broadcast it at all or at least encrypt it before broadcasting it.
Oh, you say the average person doesn't know better? Sorry, they should know better, and if they don't they should know better than to try without getting expert help. No excuses. This isn't rocket science. We've had personal computers for over 30 years. We carry sophisticated ones in our pockets and use them to make phone calls. It's well past high time the average person was expected to have a basic understanding of what they're so casually carrying around and using every day, and past time we stopped making excuses for the ones who just can't be bothered. You shouldn't need to know the details of how encryption works in 802.11*, but you should at least know as much as "I need encryption turned on, and if I don't know where and how to turn it on I need to either RTFM or ask someone who does know for help.".
More important than asking why Google collected this information is asking why people were so negligently reckless as to broadcast anything sensitive in the clear in the first place.
No, it's not good for all concerned.
Here in Australia, Google officials are trying to claim that they didn't know the data was being collected because it was being collected accidentally. Over there they're claiming "we knew, and we told you we were doing it."
Well, which is it?
I hate printers.
Finally, Google managed what we tried to get going with http://www.nodedb.com/index.php ... ten years later.
One thing that is both interesting and sad about this whole episode is how it is reported in the mainstream press.
Even the New York Times reported that they were getting people bank account numbers.
And try reading some of the user comments for those articles. People are convinced that the Google vans are stealing their thoughts.
Unfortunately, I think it is time for Google to spend less time giving away technology and more time on P.R. and advertising.
I'm tired of Google being painted as the bad guys here. All they did was receive unencrypted, public broadcasts. That should not be illegal. In fact, it probably is not illegal in the US.
If you don't want people to listen to your WiFi packets, encrypt them. Don't abuse the court system or the police to cover up for your own incompetence.
A major corporation fibs to the government about their shady acts?
There is nothing "shady" about what Google did, nor have they "fibbed" about it. In fact, Google shouldn't even be asked about this.
What is shady is the way governments have been using this for political gain.
Particularly shady has been the behavior of the German government, who not only has been lying through their teeth about what happened, but also is using Google as an excuse to undermine basic data protection principles.
But, hey, it's not like German governments ever did anything bad with private data, right?
Fine, their "allegedly shady" acts.
Google recorded unencrypted WiFi packets and took pictures on public streets. There is nothing "shady" about that, allegedly or otherwise. They shouldn't have to ask permission to do that, nor should they have to answer to anybody for it.
I'm not even making any statements about the morality or legality of Google's actions.
Well, but I am: what they did was certainly moral, and it was probably legal in the US.
Google does plenty of things that are of concern from a privacy point of view; this is not one of them. Anybody concerned with civil liberties and democracy should firmly defend Google's right to do what they did.
1. Are people gobsmacked when they hear about it? :P
2. If yes, you have not disclosed.
3. If no, you have disclosed or it didn't matter.
And gobsmacked means 'surprised' for you americuns
I really hope no one tells Congress about WiGLE.
It's a broadcast signal for crying out loud!! What really is the big deal? It's broadcast for the whole world to see! If a person drives down my street and has their laptop looking for WiFi they will see mine and 20+ others on my street, most secured. So what is the big deal? Sounds like the congress has found a thin opportunity to stick it's nose in to google's business and is taking full advantage of doing so, even if they are over stepping their boundaries and trying to obtain info that they did little leg work on. Info that they have very little to no legitimate reasons to have or need.
Congress might also want to evaluate the transparency of this cute Google video, which assured the public of Street View's privacy safeguards, but gave no hint of the controversial WiFi collection.
That wouldn't be very reassuring.
No, it's not good for all concerned.
Here in Australia, Google officials are trying to claim that they didn't know the data was being collected because it was being collected accidentally. Over there they're claiming "we knew, and we told you we were doing it."
Well, which is it?
No, they're claiming that they didn't know it was being collected while it was collected, but when asked to investigate after the fact, they did, found that they had accidentally collected the information, and reported the fact.
Apparently you do not understand what allegedly means.
It doesn't matter what technology or method is being used. If you find my front door unlocked and go inside and snoop around you are wrong and a trespasser.
A major corporation fibs to the government about their shady acts?
I'm sorry, I miss it.
What is shady about collecting publicly available Wi-Fi signals? Anyone with an antenna can do it. Did you know there is a way you can prevent this? My own fucking GRANDMA knows how.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
Except Google didnt walk in any doors - they drove down the street. If you want to leave your front door open, don't bitch when someone drives by and sees you sitting on the crapper.
Google did not find anyone's front door unlocked and snoop around inside. Mod parent offtopic.
This is one of the best posts I've ever read on Slashdot.
People are not idiots.
You sure about that?
If they had a big sign on their street view vans that said "All your data are belong to us", that would be good enough for everyone currently complaining? I doubt it. So why would it be good enough if they post something anywhere on their websites that says the same thing? It's not like people are agreeing to some terms-of-service with Google when they buy their house!
They knew it was not legal to play man in the middle with other peoples networks.
The term network is often very broadly defined around the world after many cases of data intrusion walked away due to old/gov only or postal/audio recording era laws.
Google knew it should not keep packets. They understood they where "covered" for location, MAC, photography.
Someone signed off on the data collection code. They then kept the data.
If they can claim it was a mistake, legal precedent would be set and privacy, data retention and network intrusion laws become very flexible again.
Googles legal teams knew this from day one. When exposed they stonewalled and now have just the right spin for every jurisdiction.
Domestic spying is now "Benign Information Gathering"
Let's do a thought experiment. What if, instead of Google, it were RIAA doing this?
So, consider what if RIAA has been sending out trucks all around US, silently capture any and all wifi data they can receive, and recording them linked with GPS location, for the past 3 years. You have no idea what RIAA intend to do with all these data.
Would you still consider this ok?
Alternately, would you be worried if RIAA suddenly comes up with boatloads of money and bought out Google? Now they have all the data Google had, are you still fine with that?
Try replacing RIAA with any of your favorite organization, such as Microsoft, Apple, SCO, etc. Will your opinion change?
Oliver.
...to an excuse take over google, like they seem to be doing with just about everything else these days.... for your own protection of course :-)
So Theodp continues his one-man crusade against Google, and Slashdot inexplicably continues to aid him by posting his troll article summaries. This is at least his 3rd one on this particular Google issue alone and there haven't even new developments.
Let's review:
WHEN YOU USE GOOGLE LOCATION SERVICES, THEY KNOW WHERE YOU ARE. Shocking!:
http://tech.slashdot.org/article.pl?sid=10/06/01/1217220
This one's summary is so ridiculously inaccurate and biased I can't do it justice by summarizing it myself:
http://yro.slashdot.org/article.pl?sid=10/05/29/0818219
The germans wanted to do something, but failed. Lets argue about Google some more:
http://tech.slashdot.org/article.pl?sid=10/06/04/1839230
Here's some other Google posts he's made that are only slightly less ridiculous:
Google is hacking your box:
http://tech.slashdot.org/article.pl?sid=10/06/11/0143255
Google Lied about Apps being a successful product:
http://tech.slashdot.org/story/09/09/07/1218227/Google-Apps-Not-the-DC-Success-Many-Believe?from=rss
Google is racist:
http://search.slashdot.org/article.pl?sid=09/11/26/0311249
Ok, man, we get it. You think Google is evil and you wear a tinfoil hat to keep them from packet sniffing your brain because they can *totally* do that. Whatever. The rest of us are sick of hearing about it. Most of us here understand the issue better than you apparently do and we aren't nearly as concerned.
It's clear you have a bone to pick, especially with the whole wifi thing which I'm not sure you really understand -- but FFS, why is Slashdot still posting these things? I swear this is the 4th time you've rehashed the whole wifi thing with a slightly different spin and managed to get it posted yet again. Each time you avoid facts in favor of frantic hand-waving and put words in Google's mouth like "how-many-times-do-we-have-to-tell-you" and "After mistakenly saying that it did not collect Wi-Fi payload data". Please, for the love of god. Just stop.
"It was a mistake" doesn't wash. Google claims to be technologically sophisticated. Maybe they should have googled for "wireless data sniffing law".
Not everyone uses google location services. I don't, but I have two wireless routers, and they've been on my street. They can't argue that they have my consent - by law, each act of collecting information requires separate, informed consent. So even people who use gmail (I don't) cant be considered to have given google any sort of "blanket consent".
Orwell: "In a Time of Universal Deceit, telling the Truth is a Revolutionary Act"
You have to wonder what the problem is? I think public register of all macid's would be useful.
The difference is that we trust Google. They promised us not to be evil. They control the flow of our information. We have a certain expectation that they will not use our personal information for some nefarious purpose. And when they do they should (in my opinion) be held accountable for it.
If you mod me down the terrorists will have won
There can be other possibilities. For example, some devices may not support encrypted Wi-Fi. Or I have a friend visiting and I would not want to share the password with him and decide to temporarily disable encryption. Or maybe I am sure my neighbors are far enough away from me. Or maybe I am technically incapable of getting encryption to work properly. Not enabling encryption does not mean I want you to sniff my data, even small pieces of it. Making something possible to be accessed by public is not the same as making something public. Would you be happy if a company systematically analyze all your postcards and get to know address of your friends? If I have backyard with very high concrete walls, I might walk naked in my backyard. People can still sneak with the help of a ladder. It's not only possible but also easy, but common sense tells us it's unlikely someone would spend the time and money doing that. But you sure won't be comfortable if a company builds a lot of 30-ft robots and lets them walk around your neighborhood with cameras around their head. Sure the robot will only stay a few seconds around your house, and you might not happen to be naked when it comes. But would you be OK with that? I am also wondering what would happen when WEP is trivial to break. If Google were to integrate the WEP-cracking code into its streetview cars to make it more powerful, would people think that is OK? Would people assume that everybody in the world including every grandma online should be aware of weakness of WEP and be capable enough to upgrade all devices to use something less sniffable? I am not saying Google is wrong in this case. I am saying sniffing Wi-Fi data in general is wrong, no matter if it is on open or encrypted network. Google chose to remove face pictures of people around strip club. By the same logic, they should also not have collected Wi-Fi data even it is publicly accessible.
They never went inside, you just put all your stuff out on the street and they wrote it down.
People are getting upset that someone recorded wireless transmissions? Come on, it's radio, once you broadcast it's there for the whole world to pick up. Encryption can slow down someone reading your traffic, but that's only a speed bump. There is no expectation of privacy on a radio broadcast, if you think your wi-fi network is secure, you're only showing the world that you don't understand the technology.
Compare this to the Bush/Cheney Regime program to record network and phone traffic. Where's the outrage and investigation of King George? The current king has quietly continued this program. I have more trust in Google than I do the the United States government.
One more time, if you broadcast it, it's available for anyone to intercept.
You wrote: "as a homeowner, the better off my neighbor is the better off I am" and then drew a false equivalence between google and your neighbor. Google is not your neighbor and Google being better off may very well mean you're worse off. "The only thing Google is guilty of here is having enough money and resources to gather this data on a larger scale than I and my neighbor are capable of" is another false equivalence. You doing something, or your neighbor doing something, is not the same as some megacorporation doing it in a million places simultaneously. Did you notice that your neighbor got home rather late last night, because you saw her car pulling into her driveway at 11 pm? No problem. Does that make it ok for Google to install cameras on every street and create a massive database of when everyone gets home? I don't think so.
I'm pretty sure you're mis-reading the privacy levels here.
The way I read this is that your 30 foot wall is like WEP, it's a positive indication of the expectation of privacy. In both cases breaking the privacy is a definite indication of trespassing and is likely to be grounds for prosecution. But neither stops a determined invader.
A normal white picket fence is much lower security or privacy; it's something that someone who's even a little bit fit can just jump over but in general they don't, because they're not that impolite, and they don't want any handy agricultural implements to be waved at them.
If there's no fence at all you would be very surprised to be confronted for just walking there.
That last one is the totally open WiFi point; quite simply if no effort has been made to fence something off it's unreasonable to expect it to be considered private property so connecting is so obvious the computer will do it without prompting. I would say the picket fence is about the same level as MAC filtering or turning off the DHCP, easy to hop over but rarely done.
All these rules are the ancient ones that were first invented when people started living in villages rather than just a single family group and there's even a comparison for Google. They might not like the label, but in this time of the Global village they're the Village Gossip. She (usually) will know where everyone is she will be able to tell you happy details about everyone in village so that you feel you know them, even if you haven't exchanged more than two words in the last 6 months. In a real way she knits the village together.
So the question is would you do something you don't want the Village Gossip to see in you front garden? She's not always there; but it sure feels like it sometimes. If she did see something would you want her to do any more than forget what she saw.
It's this what Google have already done?
The difference is that we trust Google.
Rookie mistake.
They knew it was not legal to play man in the middle with other peoples networks.
Passively capturing packets is not a Man-in-the-middle attack.
The difference is that we trust Google. They promised us not to be evil. They control the flow of our information. We have a certain expectation that they will not use our personal information for some nefarious purpose. And when they do they should (in my opinion) be held accountable for it.
Er, but this was neither evil nor was it "using personal information for some nefarious purpose."
Regardless of whether they actually did anything wrong, of course, it's clear that enough people didn't like it that the most sensible course of action for them is to stop doing it (and be more careful in the future), if for no other reason than good PR.
[Indeed, the reaction -- whiny histrionics and political grandstanding -- is arguably more evil, as many of those people are actually abusing the system for personal gain.]
We live, as we dream -- alone....
play man in the middle vs passive wiretapping?
You think your using the web or yahoo ect at a wifi spot and form a connection.
The packets are saved by a third party?
Domestic spying is now "Benign Information Gathering"
d'27baba,
That is a totally wrong analogy, to make your analogy work you have to put up a giant sign that lists everything you have, visible to anyone within a couple hundred feet or so and then be surprised and insulted when passers by read it.
It's called RADIO WAVES, they LEAVE your house and are there for ANYONE to see, if you want privacy encryption is a 5 minute exercise.
There is not excuse for ignorance, and less so for willful ignorance.
There are legitimate reasons to lock down your wifi, of course. It isn't just media hype and government fear mongering. Personally, I run TWO wifis. One is completely unsecured, and available to anyone who happens by. The other is secured, and only responds to select MAC addresses. Thus, like yourself, I do a little bit of that "share the wealth" thing, but, I also ensure that only a pretty sophisticated haxor is going to grab my packets. The average script kiddie isn't going to get my stuff!
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
Oh, come on. Grow up, alright?
Hey, I happen to LIKE Google. I pretty much trust them, too. Or, at least, I find them to be more trustworthy than any of the competition. But, where does Google make their money? That's right - ADVERTISING. How does that work again? Lemme think real hard - first, Google tracks my web browsing, and my searches, and they analyze all the data they can get on me. Then, based on their "profile" of me, they try to sell me things that are simply irre-fucking-sistable. They serve up advertisemenst that are calculated to be appealing to me. Like putting honey or sugar out to attract ants.
Google is using your data to make money, just as surely as any other individual, group, or entity on the web is trying to do the same.
Just don't tell Google that I never see the ads they serve up, alright? They just might come up with some "agreement", similar to Microsoft's EULA. "By using any or all of our services, you agree that we can track everything you do online, and you promise to disable any ad blockers, or other software that might prevent us serving advertisements."
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
Location and strength of wi-fi spots was collected deliberately and openly, content of data passed through wi-fi was collected by accident.
Yeah, except that's NOT MITM!!!!
MitM is connecting to both endpoints, and representing oneself to each endpoint as the other. (You see, it's cleverly named because the attacker is _in_the_middle_.) It's useful for two cases: to modify the data in transit, or to snoop data from an encrypted channel with poor key distribution (the encryption makes capturing traffic useless, but you can tell them "O HAI THIS IZ THE NOO KEE KTHX", and get them talking straight to you).
Both of which, quite aside from the issue that YOU'RE ESTABLISHING A CONNECTION (a key point in any sane infosec laws, and it didn't happen in Google's case), are rather more harmful than snooping data that they didn't care enough to encrypt on ANY layer, don't you think? Which makes your MitM claim not just incorrect, but defamatory.
There's another, as-yet unpublished Google patent filing that discusses the use of a 'mobile device data collection module' to 'collect data on a set of mobile devices which are using [a] wireless base station', including GPS location information, time information, and 'application specific data, such as, map requests, etc.'
Well, the fact that they have the patent, does not mean they intended to use it.
They may have just figured that it would make the patent more complete if they included the part about "application specific data", so that someone else couldn't come after and patent the same thing with that addition.
The listed 'inventors' include a Google Latitude Product Manager.
You mean a location service-related patent is coming from the guys working with location services at Google?
Yeah, that's strange...
I am not here.
1 - Restate 'we did notify' that they were going to capture data available to any passing car
2 - Admit perhaps it wasn't the best notification process out there
3 - Apologize for #2 "we will do better next time"
4 - Move on and keep the 'google trucks' moving
---- Booth was a patriot ----
didn't care enough to encrypt on ANY layer does not save you from been protected under networking laws.
No third party can just collect and save your data.
Domestic spying is now "Benign Information Gathering"
How are we going to enforce net Neutrality?
When the telecoms control the lines and have repeated that no filtering is going on (a blatant lie).
I think having a company that roams about checking network speeds and ensuring that all types of data receive fair treatment is going to be necessary if we ever hope to enforce network neutrality on the telecos.
It would be nice if the government could do it, but Google releasing a report would be just as good.
There are many other benefits to having an accurate map of open wireless networks.
We are already trusting Google to maintain anonymous usage statistics in areas where privacy is a concern.
I think the benefits outweigh the disadvantages, though I also think governments should police Google's privacy policies.
"But Mr Dent, the plans have been available in the local planning office for the last nine months."
"Oh yes, well as soon as I heard I went straight round to see them, yesterday afternoon. You hadn't exactly gone out of your way to call attention to them, had you? I mean, like actually telling anybody or anything."
"But the plans were on display ..."
"On display? I eventually had to go down to the cellar to find them."
"That's the display department."
"With a flashlight."
"Ah, well the lights had probably gone."
"So had the stairs."
"But look, you found the notice didn't you?"
"Yes," said Arthur, "yes I did. It was on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying 'Beware of the Leopard'."
OK guys, try this: I'm walking down the street with a friend and talking. You are following and writing down every word we say to each other. Not illegal. Just creepy. And even tho it's a public avenue isn't it a bit intrusive?
---
Get off my lawn.
They don't have to be writing it down, just hearing it records it in their brain.
Not really all that creepy or abnormal. It is a bit rude if you are in a situation where you can avoid it.
We generally call it gossip if you then share the conversation with others.
Security is mostly a superstition... Avoiding danger is no safer in the long run than outright exposure. - Helen Keller
But Google is recording it. And they are using the equivalent of a shotgun mic to do it. They actively gathered this information. They are recording (if we stay with the walking down the street analogy) every conversation of every person they can hear with that mic. That's not just rude in my book, it's bordering on stalking.
I have a radio scanner. I find it useful to listen to police and fire during emergencies. But, even tho the scanner is electronically capable of receiving analog cell phone frequencies (and hacks are available on the net to restore this capability) it is hobbled by the manufacturer from doing so. For good reason.
Google is displaying the arrogance of the engineer. 'I can do this. So I will. Just because you don't see the advantage of my actions isn't sufficient reason for me to not do this. And anyway, it was publicly posted in a locked filing cabinet in a basement restroom marked with a sign that said 'Beware if the Tiger'. But it was posted.'
---
30 years in the industry and I'm still having USENET discussions.
Stop hiding behind weasel words like "allegedly".
Considering that you waved around allegations of MitM attacks even though you didn't know what they were, I doubt you understand 'networking laws' very well either.
Current law as it applies to networking is based on 'authorization'. 'Unauthorized' access is illegal, but if a device is configured to give access to anybody, then who can say it was unauthorized access? If you think that it is, then you must also think that everybody that logs into a public FTP server that is configured to accept a default login is breaking and entering.
People who own equipment are responsible for its configuration, and that equipment thereafter essentially acts as their agent, granting or denying authorization as it was configured.
IANAL & the above is not legal advice.
I support the Slashcott and will not be reading or commenting from 2/10/14 to 2/17/14. Beta is steaming pile of dog shit
You should stop sending your unlocked door into the middle of the street. It might get hit by a Google Street View car.
I support the Slashcott and will not be reading or commenting from 2/10/14 to 2/17/14. Beta is steaming pile of dog shit