Slashdot Mirror
Google Building Privacy Red Team
Trailrunner7 writes "Google, which has come under fire for years for its privacy practices and recently settled a privacy related case with the Federal Trade Commission that resulted in a $22.5 million fine, is building out a privacy 'red team,' a group of people charged with finding and resolving privacy risks in the company's products. The concept of a red team is one that's been used in security for decades, with small teams of experts trying to break a given software application, get into a network or circumvent a security system as part of a penetration test or a similar engagement. The idea is sometimes applied in the real world as well, in the form of people attempting to gain entry to a secure facility or other restricted area."
It's a good idea too. Deliberately cause mayhem to encourage and test true redundancy.
Help stamp out iliturcy.
On the internet there is no privacy, m'kay? Why this charade?
“He’s not deformed, he’s just drunk!”
...the concerns about Google and privacy have next to nothing to do with what hackers might do with the data Google collects on you, rather than what Google will do with it.
This space available.
If Merlin himself can't readmy mind how can G$$GLE? Truly, the Italians are getting desperate lately. I laugh at them in a high-pitched cackle sort of laugh! Olive oil is tasty, but it is not the UNITED BROTHERHOODE OF CARPENTERS! or a toy monkey!
In summary, we need IRON!
UNITE with the Campaign for a Free Internet because today, our future begins with tomorrow!
And here I thought, silly me, that it was the massive fines by the EU and Canadian regulators as to their practices that caused this change.
Never mind.
I'm sure they're doing it for the reason you say.
-- Tigger warning: This post may contain tiggers! --
Don't use google, block google-analytics and google-syndication at your firewall, and don't use services like gmail.
Otherwise, you have no privacy from Google, who knows everything you do on the internet.
The fine referenced in the summary was an intentional violation of privacy, at least from what I understand. It sounds like the point of the red team is to find unintentional security flaws that may cause privacy risks. That's good and all, but it really doesn't address the issue that the article and summary are pretending to address.
I mean, "Privacy Red" - that will go well on the t-shirts, baseball hats and pens. And sound impressive to vacuous blondes at parties; "Hey, is this guy boring you? I'm on a Privacy Red team!".
"The greatest lesson in life is to know that even fools are right sometimes" - Winston Churchill
...a grizzled old Google veteran, brought out of retirement. He has a rag-tag team consisting of an arrogant young prodigy, a burnt out developer with a death wish, a hard-as-nails female programmer and a sassy ex-con who learned all his coding on the street.
They are PRIVACY RED TEAM!
Then you have been abusing yourself much too much
I got to the chocolate box before you, that's why the hard ones have teeth marks.
If you beamed down with Captain Kirk and were on the "red team" wearing a "red shirt" it wasn't going to end well for you. I wonder if the same will be true at Google as they bring daylight into the dark corners of Google.
Google is to privacy, what Facebook is to friends.
It charges $4.95 a minute.
So QA teams are called 'Red Teams' now? So sexy.
Nobody Seems To Notice and Nobody Seems To Care - Government & Stealth Malware
In Response To Slashdot Article: Former Pentagon Analyst: China Has Backdoors To 80% of Telecoms 87
How many rootkits does the US[2] use officially or unofficially?
How much of the free but proprietary software in the US spies on you?
Which software would that be?
Visit any of the top freeware sites in the US, count the number of thousands or millions of downloads of free but proprietary software, much of it works, again on a proprietary Operating System, with files stored or in transit.
How many free but proprietary programs have you downloaded and scanned entire hard drives, flash drives, and other media? Do you realize you are giving these types of proprietary programs complete access to all of your computer's files on the basis of faith alone?
If you are an atheist, the comparison is that you believe in code you cannot see to detect and contain malware on the basis of faith! So you do believe in something invisible to you, don't you?
I'm now going to touch on a subject most anti-malware, commercial or free, developers will DELETE on most of their forums or mailing lists:
APT malware infecting and remaining in BIOS, on PCI and AGP devices, in firmware, your router (many routers are forced to place backdoors in their firmware for their government) your NIC, and many other devices.
Where are the commercial or free anti-malware organizations and individual's products which hash and compare in the cloud and scan for malware for these vectors? If you post on mailing lists or forums of most anti-malware organizations about this threat, one of the following actions will apply: your post will be deleted and/or moved to a hard to find or 'deleted/junk posts' forum section, someone or a team of individuals will mock you in various forms 'tin foil hat', 'conspiracy nut', and my favorite, 'where is the proof of these infections?' One only needs to search Google for these threats and they will open your malware world view to a much larger arena of malware on devices not scanned/supported by the scanners from these freeware sites. This point assumed you're using the proprietary Microsoft Windows OS. Now, let's move on to Linux.
The rootkit scanners for Linux are few and poor. If you're lucky, you'll know how to use chkrootkit (but you can use strings and other tools for analysis) and show the strings of binaries on your installation, but the results are dependent on your capability of deciphering the output and performing further analysis with various tools or in an environment such as Remnux Linux. None of these free scanners scan the earlier mentioned areas of your PC, either! Nor do they detect many of the hundreds of trojans and rootkits easily available on popular websites and the dark/deep web.
Compromised defenders of Linux will look down their nose at you (unless they are into reverse engineering malware/bad binaries, Google for this and Linux and begin a valuable education!) and respond with a similar tone, if they don't call you a noob or point to verifying/downloading packages in a signed repo/original/secure source or checking hashes, they will jump to conspiracy type labels, ignore you, lock and/or shuffle the thread, or otherwise lead you astray from learning how to examine bad binaries. The world of Linux is funny in this way, and I've been a part of it for many years. The majority of Linux users, like the Windows users, will go out of their way to lead you and say anything other than pointing you to information readily available on detailed binary file analysis.
Don't let them get you down, the information is plenty and out there, some from some well known publishers of Linux/Unix books. Search, learn, and share the information on detecting and picking through bad binaries. But this still will not touch the void of the APT malware described above which will survive any wipe of r/w media. I'm convinced, on both *nix and Windows, these pieces of APT malware
BE ANYg FUCKING s7ates that there
Congrats Kim on the anniversary! ;)
When was your www.cougarloving.com sex tape released? I'm going to send you a greetings on that, because that's the only thing i really like about u
Sorry, just kidding
Elegant Replica Handbags For Trendy Women are really born with taste for beauty and fashion. They are always on the way of searching chic accessories: from precious diamonds to designer handbags, from stunning luxury watches to stylish scarves, etc. To keep up with the fashion trend, they put great effort and care on their appearance and the impression to others. For them, handbags are the most iconic items that are greatly associated with women's daily life. If you're a trendy woman who has a special favor toward affordable replica fendi handbags , then this post is right for you. If you have always fancied living like a princess owning a large number of pretty looking handbags, but worry about your small bank account, try the replicas of branded handbags. Replica handbags solve the dilemma for those who have a dream of experiencing the luxury and beauty but with a limited budget. Since they are surprisingly durable and affordable, it is not bold to say that there are no other things that could bring the dream fulfillment. Replica handbags appear as attractive and elegant compared to the original ones. You will find hard to tell the difference by simply staring. What's more, it is absolutely not an easy thing for bag experts to spot them after a thorough inspection. Manufacturers of them only select the top materials to made and copy every detail of the original ones. Carrying such kind of top quality handbags, you will surely be offered the feeling of content and happiness. Therefore, you will never be wrong by adding them to your wardrobe. Besides, it would turn out that you are really a practical and intelligent buyer. As everybody knows, one original designer replica hermes handbags would cost you a thousand dollars - even more for some brands. Since replica handbags are relatively cheaper than the authentic ones, you can save much money and make it more valuable. You can have chance to do other investment that your families really want. If you like, you could have many attractive and elegant desiner miu miu handbags at the value of a single designer one. In a word, they would be the best and smartest choice for women all around the globe. Nowadays, we are living in the age of fashion-conscious, so the demand of replica handbags have greatly raised. If you want to stay stylish, elegant and attractive without spending too much money, look no further than designer replica handbags. They will never let you down. I'm a watch addict who like share any information and design toward replica cartier handbags and designer replica handbags. Hope you can share any thinking and comment toward my original articles on my blog [http://replicahandbagsreview.com]. balenciaga handbags
The first rule of Privacy Red Team is you don't talk about Privacy Red Team. It's private.
Back in the days when ActiveX was first created, I mean. But simply having a team doesn't mean that team will be allowed by the powers-that-be to make any meaningful difference.
Here, for example - according to the linked article, this team is all about external penetration and threat testing. I don't know anyone whose primary concern regarding Google's data collection is about what an external attacker could do with that information. And the $22.5 million fine was about Google's own internal decisions and behavior, not about what some hacker pulled off because of poor security on Google's part.
This just smells like theater. Much like Microsoft's statements about security a decade or so ago.
#DeleteChrome
Am I really the first to make that reference?
the entire userbase constitutes Facebook's privacy 'red team'.
---
for a company that makes fistfuls of money collecting and correlating every behaviour they can record
really their whole reason to exist
This is useless unless google builds a privacy culture within itself and also lobbies the government to respect individual liberty and rights again.
dijital pazarlama aka digital marketing is the key of success in business life within 10 years.. If you can no t succeed in digital marketing, then it is impossible to survive.
Dijital Pazarlama aka digital marketing is the future of business.
Yes, because it is much worse for Google to know I prefer a BMW to a Toyota and serve me ads appropriately, vs. having someone use the same information to steal my identity, take out a second mortgage on my home, and leave me destitute.
You can take my house, but PLEASE don't ask me what my car preference is!
Can we tone down the hyperbole please? Comparing using personal data for marketing vs. using it to steal from innocents is just stupid.
[...] the idea is sometimes applied in the real world as well, in the form of people attempting to gain entry to a secure facility or other restricted area."
Everything is "real world".
I don't know why people focus so much on Google. A lot of other companies have far worse privacy practices, and many of those companies make absolutely no attempt to provide proper privacy or user data security.
Just take Facebook for example.
...standing by.
... ensuring security and privacy of customer data is.
I always thought that the stupidest things that Eric Schmidt ever did were all those blase comments about how we had to learn to live without privacy, etc. (check google for eric schmidt quotes).
I'm not saying that they don't care about these issues, but in the past they have sounded like they don't care.
I reckon that they should instead make security and privacy of data their top priority, and let their customers know about it too (instead of the opposite) - so this "red team" sounds like a good idea.
They should write it into their company constitution and make it clear in their contract with their users.
We all know that google will track our internet use to improve our search results/target their ads, so we need to trust them that this data is not misused, right?
I'm surprised they don't push more that concept of "data untouched by human hand", as I think a lot of people are quite comfortable with that.
So I reckon they need to make sure that we know we can trust them, and people won't fully embrace their range of products unless there is trust there, but once you commit (yourself and your data) to the google product range you are likely to remain a loyal user/customer.
Is Google going to pay professionals to find problems? What happened to security on the cheap with contests and prizes?