Slashdot Mirror
FTC Ends Probe of Google StreetView Privacy Breach
GovTechGuy writes "The Federal Trade Commission (FTC) wrote to Google on Wednesday to end its probe into a major privacy breach in which the company collected and stored private user information, such as passwords and entire e-mails, without even realizing it after the search giant promised to improve its privacy practices."
Gee, we got caught; better do it differently next time. (After all, there's no penalty).
Great minds think alike; fools seldom differ.
I know, it couldn't have anything to do that nothing transmitted in the clear over unregulated frequencies is considered secret in any way, and therefore Google arguably did nothing wrong whatsoever.
It had to be political gaming by CEOs to protect them from Federal legal action for violating... what law again?
i have yet to see any corporation with a major internet presence or market segment come close to following or guaranteeing their privacy policies with complete certitude. Companies from AT&T to Facebook to Chase never see a punishment for these leaks, or rather if Google does it would be an exception to the longstanding rule of american internet commerce.
outrage does nothing. Users should take this revelation as an opportunity to improve their general knowledge of internet security.
Good people go to bed earlier.
If suing Google after they collected the passwords you transmitted unencrypted over wireless networks is *really* your idea of "privacy" . . . you're going to be in a big surprise when someone less friendly than Google does the same thing.
The World Wide Web is dying. Soon, we shall have only the Internet.
This is how low Slashdot has sunk. Years ago, this site was very pro-privacy. We're now at the point where a company can archive your emails and passwords, claim it was an accident, and get off the hook by promising not to do it again next time--and that's "doing nothing wrong whatsoever" according to the posters here.
No, we're just very pro personal responsibility. If you're broadcasting unencrypted data into the street, reading it shouldn't be a crime. If you don't know how to encrypt your wireless data - even with easily-cracked encryptions, that at least require some deliberate effort to crack - then you shouldn't it be broadcasting it into people's face. If Google were getting this data by cracking WEP, or performing MitM attacks, then I'm sure you'd see people up in arms.
Complaining about this is like complaining that a vehicle equipped with an audio recorder picked up your shouted argument from the street. If you weren't screaming at the top of your damn lungs, nobody would have heard anything.
Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
without even realizing it
Google sniffing out all this stuff by accident? ! **sneeze** bullshit !
Would it be an accident, it'd even be scarier. It'd mean that the search giant don't know what they're doing.
I don't think you've ever used a sniffer. Google drove around with a wireless sniffer that recorded traffic to a log file. The guys in the van would upload all their logs to a central location where they were parsed to build a database of access point SSIDs and MAC addresses for geolocation. The problem is a sniffer dump contains a lot of raw packet data, more than just the information they needed, because that's what a sniffer is supposed to do; capture all the traffic it finds.
Eagles may soar, but weasels don't get sucked into jet engines.
Uh-huh, and just because someone publishes a publicly accessible webpage available over http doesn't mean you have any right to access it, right? You should be getting written permission to "hack into" their computer by accessing it via publicly-accessible protocols they have explicitly installed and made available?
There are well-documented methods for establishing whether you want somebody to be able to use your connection. Not using them, and then complaining that someone uses it is like bitching that Google indexes your site, because you didn't setup robot.txt.
Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
then I hope your car gets stolen tomorrow, because you had the wrong security system fitted and a thief just took your vehicle from right outside your home, even though you'd done everything you were supposed to to keep it secure.
Except in this case, people hadn't done everything they were supposed to do to keep it secure. If my car got stolen because I was too stupid to push the little "lock" button on my keychain, then damn straight I'd deserve it. Likewise, if I hadn't put in a tax return for 10 years, I'd expect to be hammered hard.
This isn't about people not doing absolutely everything perfectly. It's about them not even doing the minimum. WEP has been trivially crackable for ages - but even if people use WEP, I'd be offended if Google had cracked it. It would have shown intent, that they were deliberately trying to capture stuff that people were trying to protect.
Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
They were using Kismet, which by default captures all unencrypted packets it hears. They forgot to change the default - which, incidentally, is something the WiFi owners are guilty of as well.
It would be different if they changed the configuration in order to capture packets, instead of simply forgot.
I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
If you buy a "piece of kit", it's your responsibility to learn how to use it safely. Whether it's a chainsaw or a router.
If the kit from the ISP included a manual, than the user should have RTFM. Every wifi router manual I've seen explains how to use WPA or WEP quite clearly in the first few pages. If the manual wasn't included or was unclear, if the user should sue his ISP for leading him to expose his "private stuff".
In real life, I've noticed that even average homeowners seem to have worked this out. About 5 years ago when I turned on my laptop at home I could see 5 or so local wifi router signals, 2 or 3 were unencrypted. Now I can see 7 or 8, maybe one is unencrypted. On local TV there have been a couple of scare stories about how easy it is to snoop on wifi, that probably raised awareness. That's all it needs, not an advanced degree.