NSA Uses Google Cookies To Pinpoint Targets For Hacking

← Back to Stories (view on slashdot.org)

NSA Uses Google Cookies To Pinpoint Targets For Hacking

Posted by Soulskill on Tuesday December 10, 2013 @10:02PM from the another-day-another-way-to-spy-on-us dept.

Hugh Pickens DOT Com writes "For years, privacy advocates have raised concerns about the use of commercial tracking tools to identify and target consumers with advertisements. The online ad industry has said its practices are innocuous and benefit consumers by serving them ads that are more likely to be of interest to them. Now the Washington Post reports that the NSA secretly piggybacks on the tools that enable Internet advertisers to track consumers, using 'cookies' and location data to pinpoint targets for government hacking and to bolster surveillance. The agency uses a part of a Google-specific tracking mechanism known as the 'PREF' cookie to single out an individual's communications among the sea of Internet data in order to send out software that can hack that person's computer. 'On a macro level, "we need to track everyone everywhere for advertising" translates into "the government being able to track everyone everywhere,"' says Chris Hoofnagle. 'It's hard to avoid.' Documents reviewed by the Post indicate cookie information is among the data NSA can obtain with a Foreign Intelligence Surveillance Act order. Google declined to comment for the article, but chief executive Larry Page joined the leaders of other technology companies earlier this week in calling for an end to bulk collection of user data and for new limits on court-approved surveillance requests."

42 of 174 comments (clear)

Min score:

Reason:

Sort:

Now 2 good reasons not to allow cookie tracking by mrspoonsi · 2013-12-10 22:04 · Score: 5, Insightful

The EU is right on this one...
1. Re:Now 2 good reasons not to allow cookie tracking by erikkemperman · 2013-12-10 22:40 · Score: 5, Interesting
  
  The EU is right on this one...
  I'm not so sure about that. I am afraid this is one of those deals where the compromise (require the user be presented with an opt-out) turns out to be worse than either of the proposed "pure" alternatives (do not regulate tracking at all, vs disallow all tracking, period).
  Because what happens is a site says: either allow my cookies or I will not, or not fully, serve you. And because the average user is basically an idiot -- as is true for any large group of people, and in many instances of course it includes myself -- they go for it.
  Tracking not reduced for all a but a tiny minority of paranoids and actual baddies, and the ad companies can now say they do it with user's consent.
  This PREF cookie is an especially nasty piece of work, seeing how it rides on the very Safe Browsing system that Google "generously" facilitates to protect against online malware. Check the link in TFS.
  
  --
  Gosh, thanks. That must be why the other ships call me Meatfucker -- GCU Grey Area (Eccentric)
2. Re:Now 2 good reasons not to allow cookie tracking by DarkOx · 2013-12-11 00:21 · Score: 5, Interesting
  
  The most sensible solution is to allow only sessions cookies. I know everyone loves their "keep me logged in button" but simple solution is to have browsers silently convert all cookie requests to session cookies no matter what the server or script asks for.
  This should do be the default, as it breaks very few sites and existing web applications other than you have to logon every time. Users should have to manually go white list domains that are allowed persistent storage.
  Browsers need to stop providing useragents, they need to start sending strings like
  "traditional HTML 5.0 ready browser" or "touchscreen HTML 5.0 browser" instead.
  The default behavior should be to only send a referer header when the request is to a page on the same domain as the one already being displayed.
  As much as I hate to advocate it because its a waste of everyone's network resources, the same approach needs to be applied to document caching. There are to many possibilities for script based timing analysis attacks and server side request analysis that will enable tracking with the cache enabled.
  Implement those changes and you will an WWW that still mostly works without alot of changes to existing sites but is decidedly less trackable.
  
  --
  Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
3. Re:Now 2 good reasons not to allow cookie tracking by daem0n1x · 2013-12-11 03:51 · Score: 3
  
  Advertisers or spies?
  I'm not sure which kind of psychopaths I'm more afraid of being tracked by...
Use Google-like monopolies to your advantage by Rosco+P.+Coltrane · 2013-12-10 22:15 · Score: 4, Interesting

Big data monopolies like Google are the stuff of nightmare for privacy-minded individuals.
But there's a silver lining to that particular cloud: as the most important player in the field, they're the most visible target for abuse of all kinds. Which means that you have a better chance of dodging the abuse if you simply don't put yourself in the center of the target, by not using any Google product.
Kind of like when Windows had the lion's share of the OS market, and you could avoid most viruses by running another OS, not because the other OS was more secure, but because virus writers had a better return on investment writing viruses for Windows and left your fringe OS alone.

--
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
1. Re:Use Google-like monopolies to your advantage by lister+king+of+smeg · 2013-12-10 22:36 · Score: 4, Informative
  
  Big data monopolies like Google are the stuff of nightmare for privacy-minded individuals.
  But there's a silver lining to that particular cloud: as the most important player in the field, they're the most visible target for abuse of all kinds. Which means that you have a better chance of dodging the abuse if you simply don't put yourself in the center of the target, by not using any Google product.
  Kind of like when Windows had the lion's share of the OS market, and you could avoid most viruses by running another OS, not because the other OS was more secure, but because virus writers had a better return on investment writing viruses for Windows and left your fringe OS alone.
  Simply not using Google products won't protect you from this as it is using scripts embedded in web pages. Google analytics Gstatic and Googleadservices just to name a few present here on slashdot embeded and reporting back to Google and by extension the NSA.
  To block them you need to either completely block javascript which will break many if not modern web pages or learn to use ghostery, request policy, AND OR noscript, oh and https everywhere. then block everything by default and whitelist and temporarily allow as needed to make the pages viewable.
  
  --
  ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
2. Re:Use Google-like monopolies to your advantage by Anonymous Coward · 2013-12-10 22:46 · Score: 2, Insightful
  
  so I got ghostery noscript https everywhere. I hooked up some VPN.
  to hell with cryptography, there should be laws protecting my privacy and protecting me even if I don't encrypt anything.
3. Re:Use Google-like monopolies to your advantage by ArsenneLupin · 2013-12-10 22:47 · Score: 2
  
  Simply not using Google products won't protect you from this as it is using scripts embedded in web pages.
  Then don't use these scripts either. And if this breaks the web site, complain loudly to the webmaster (outlining the privacy issues, if needed).
  Or at least don't accept cookies from these scripts. Often these scripts still run fine (for the visitor), even with google cookies blocked. (stuff like google analytics will break, but that's actually a feature...)
4. Re:Use Google-like monopolies to your advantage by erikkemperman · 2013-12-10 22:51 · Score: 2
  
  Sitting at home running OpenBSD behind three layers of crypto and Tor proxies? Gee, that doesn't look suspicious.
  Which is why, in addition and in isolation, I run an unpatched Windows XP box on which, every now and then, I emulate an average person and use IE6 to download, uh, nature documentaries from sites so dodgy I have to click past a gazillion warnings even on that leaky browser!
  
  --
  Gosh, thanks. That must be why the other ships call me Meatfucker -- GCU Grey Area (Eccentric)
5. Re:Use Google-like monopolies to your advantage by nullchar · 2013-12-11 00:10 · Score: 4, Informative
  
  You can easily run ghostery, request policy, refcontrol, noscript, https everywhere, cookie monster, and BetterPrivacy all at the same time.
  How does anyone browse without these? I setup all of those, except request policy and noscript, for every user I help. They're nearly all passive.
6. Re:Use Google-like monopolies to your advantage by aliquis · 2013-12-11 00:15 · Score: 2
  
  Yeah. That's why.
  ("I only searched for global thermonuclear war to trick you into thinking I was interesting! Seriously!")
7. Re:Use Google-like monopolies to your advantage by TheGratefulNet · 2013-12-11 01:51 · Score: 4, Interesting
  
  on mobile, you have to be rooted to run a lot of adblockers and such.
  the first time I ran a non-rooted android phone and saw what everyone else sees on the web, I was kind of shocked. after years of filtering (noscript, etc) at home, I had forgotton how BAD things had gotton on the dirty wide web.
  on systems you can control, its fine. on phones - which a lot are not easily rootable - you have much less control.
  
  --
  
  --
  "It is now safe to switch off your computer."
8. Re:Use Google-like monopolies to your advantage by Nerdfest · 2013-12-11 04:18 · Score: 2
  
  On Android, you can use the AdAway application from F-Droid.org unrooted. It uses a proxy and work pretty well.
Oh I love how they pander... by Anonymous Coward · 2013-12-10 22:24 · Score: 5, Insightful

A CEO of one of the most successful US Corporations in the entire world wants to put an end to data gathering, and doesn't somehow fucking get that their company exists only because they are in the business of data gathering.
Oh, I love how they pander to us while continuing to shake hands with the devil. You act like they're going to turn away one of their largest customers.
Don't get me wrong, businesses like Google almost have to take this stance "against" the enemy of the People, else they risk losing other portions of their customer base. I simply don't like being lied to by them any more than I like being lied to by my own government.
In the end, nothing will change. Nothing. The US government won't allow it. You're a fool to think otherwise.
Re:Calling for? by erikkemperman · 2013-12-10 22:25 · Score: 2

Exactly. "It's hard to avoid" says Chris Hoofnagle. Right. It would kill Google's business model, sure, but it isn't technically more difficult to not track everyone everywhere everywhen.

--
Gosh, thanks. That must be why the other ships call me Meatfucker -- GCU Grey Area (Eccentric)
Funny that Google complains by yacc143 · 2013-12-10 22:32 · Score: 5, Insightful

Personally, the collection of privacy relevant information by private companies like Google is way more scary than what a government fools around with.
And don't come, it's voluntary. It's anything but, considering how many sites include elements from Google/Facebook/... (e.g. ads or like buttons), and they DO track you even if you are not a registered user. And the end user tools to customize browser behavior (to suppress unwanted elements of a webpage) are mostly non-available on mobile platforms
Worse, as is the "fundamental law" of privacy & data collection, any data collected will be abused. (Classical example, when the truck toll system in Germany was introduced, it was only allowed by the data privacy commissioner because it's absolutely illegal to use the data for anything but tolling. Couple years later, new government, and immediately "let's use the toll data for law enforcement" is a nice idea in the back rooms.)
So Google might be collecting "anonymous" data about person X, not knowing who X is, but that does not mean that the identity of X cannot be revealed later on, or be known by a third party.
Worse, anonymizing data (removing the parts that identify the user and potentially replacing them by a random id) is way harder, e.g. an interested adversary can usually reconstruct the identities, sometimes even trivially.
Idea: Build the biggest choke point possible. by VortexCortex · 2013-12-10 22:34 · Score: 5, Insightful

I've said it once, and I'll say it again: We gave you a decentralized network capable of self-healing in the face of thermonuclear war -- Packets routed around cities moments after they've vanished. Then you took the Internet, and built centralized data silos with it like fools. There is no such thing as a client and server, there are only peers that wear those hats. From here you look silly with them glued firmly in place.
There's no reason not to have your own recommendation engine in your own home. There's no reason to send personal messages and pictures to a third party just so your friends and family can see them too. As I've said: You will decentralize services, or the web will die by the folly. It may yet be too late. It would be wise to plan on a re-beginning.
Repent. The end is incredibly fucking nigh!
1. Re:Idea: Build the biggest choke point possible. by Sockatume · 2013-12-10 23:36 · Score: 3, Insightful
  
  There's no reason not to have your own recommendation engine in your own home.
  Apart from the obvious design advantages to centralising it. A recommendation engine, of all things, benefits enormously from being a shared resource. Communications, less so. There is nothing saying that you have to make that same trade-offs. That's the internet's other strength: heterogeneity.
  When you assume something only happened because 99% of people are stupid, check again. There is usually a more informative explanation, especially when your criticisms can be applied to something like the majority of the world's scientific computing resources which are indeed centralised.
  
  --
  No kidding!!! What do you say at this point?
Im just waiting... by gmuslera · 2013-12-10 22:39 · Score: 4, Interesting

till some hacker group uses NSA backdoors to cause mayhem in in US computers. Cookies are more or less harmless, as most of the privacy you lost with them is already lost by some other NSA program. But the NSA (and associated groups) backdoors are a bit more versatile, they are prepared to go into offensive mode, and probably a lot of US citizens have them installed (I don't think it is limited to just Tor, or social networks users).
And yes, they can cause mayhem in non-US computers, but how you know that it wasn't intended to happen by the NSA or some related company? The bombs are already in place.
Self destruct cookie by pmontra · 2013-12-10 23:03 · Score: 5, Interesting

This firefox plugin deletes the PREF cookie and all the others as soon as you close a tab. This means that it's created again every time with a different value.
I went to youtube and got this (I must split the values with spaces because /. complaints about long strings of letters)
google.com PREF ID=b59d89f696da3efa:FF=0: TM=1386759139:LM=1386759139:S=mRC2qiDMZ3ir_5JK
google.com NID 67=c1dV2B25sq3P2XdfPrBzGx9yb89H089A9yORn8UeoYGlGbjOUIbHPs03t_7JesDo_7NcnT UlDm90BZEpoSPX9A7FmbYORqBl5WwLmUiCzjreycq2wGE1rAMOSuXlFaZg
I closed the tab, waited for the cookie destruction message, went to google.com:
google.com PREF ID=024924c1c44d8beb:U=9b9ed7f900bfc1f0:FF=0: TM=1386758246:LM=1386759139:S=GCtQO6AoyqL-fqze
google.com NID 67=lPuV792TXm6MLVCnzVYUN-U2Q7B-XRd1d5xCYp7DXjvXvKzEjxtn99DTIbvaFFIg9a8uk2 AmkokD1TaYRnXL3iNA9SrPc1hj3611xY66gObS6pCY4jTTMeQpF6YHLJnn
Different. Well, mostly different. That LM=1386759139 in both PREF worries me. I should understand what it is for.
1. Re:Self destruct cookie by bruce_the_loon · 2013-12-10 23:14 · Score: 5, Informative
  
  If you plug the number into a unix timestamp to GMT converter, it returns Wed, 11 Dec 2013 10:52:19 GMT, so it looks like it is a time stamp, probably LastModified or something.
  
  --
  Trying to become famous by taking photos. Visit my homepage please.
2. Re:Self destruct cookie by pmontra · 2013-12-10 23:15 · Score: 4, Informative
  
  I answer myself because I looked for it and found this paper (PDF) titled "An Analysis of Google Logs Retention Policies".
  LM is the timestamp of the last modification to the user Google's preference. It can be used to track down the user because we update our preferences at different times. This applies also to non logged in users like me.
  Luckily it's easy to reset LM. Just go to google.com, click the menu, turn on or off Safe Search, click again and turn it back to its original value. LM is different.
  Obviously Google could store the old and new value and link them into a db ;-)
3. Re:Self destruct cookie by pmontra · 2013-12-10 23:18 · Score: 2
  
  Yes, that's it. You posted while I was writing my answer. Check it for more details.
4. Re:Self destruct cookie by Mr0bvious · 2013-12-10 23:18 · Score: 2
  
  LM = timestamp of the last preferences change..
  
  --
  Never happened. True story.
Larry Page objecting? by Anonymous Coward · 2013-12-10 23:22 · Score: 2, Insightful

How can Larry Page object to bulk collection of user data? Isn't that exactly what Google is designed to do?
obligatory privacy tools and recommendations by nimbius · 2013-12-10 23:27 · Score: 3, Informative

if you continue to use google for searches, discontinue this practice immediately and instead use duckduckgo.com
Keep a whitelist of cookies you're willing to accept, and accept them only for the session in which they are generated. this type of limitation can be controlled in Firefox's preferences under privacy. you should routinely delete the whitelist, as a periodic audit of what you need is more expensive than simply rewhitelisting your most visited sites and discarding the one-time stuff you no longer need.

at one time there was a slashdot article on 4 things you can do to increase your privacy as outlined by the EFF, however i cant find it and see no harm in reposting it.
1. use adblock plus
2. use noscript
3. use HTTPS everywhere
4. block any and all cookies, as mentioned above, with strict whitelisting for banks and reputable online merchants.
newer nerds to slashdot may reconsider the virtues of using mutt, cone, or alpine for email as they effectively render tracking pixels and malicious http content an exercise in futility on the part of the sender. RMS uses links/lynx for all of his web browsing, and while that may be a bit extreme for most of us, it certainly cant hurt to use it for opening email links should you be faced with the necessary evil of a questionable URL.

--
Good people go to bed earlier.
Noise generation by wbr1 · 2013-12-10 23:44 · Score: 3, Interesting

How about someone develop benign virus that spreads easily, then browses everywhere similar to a spider or crawler and resets it's own cookies (and/or built in creds for various data gathering sites), frequently. With a relatively low CPU and network footprint, a big enough botnet doing just this would make just about all data collection pointless, as the SNR would become problematic.

--
Silence is a state of mime.
Political and Corporate Outrage is all Theater by EmagGeek · 2013-12-11 00:01 · Score: 3, Interesting

The reality is that Government and Corporations are on the same side and none of them want to get rid of the tracking.
Keywords: Tracking can NOT be eliminated by Taco+Cowboy · 2013-12-11 00:20 · Score: 5, Interesting

... Tracking not reduced for all a but a tiny minority of paranoids and actual baddies ...

We do need to understand this --- tracking can NOT be totally eliminated.
Cookie tracking is but one of the various ways they use to track us. The report @ http://truththeory.com/2013/12/10/how-to-see-what-government-agency-is-spying-on-your-phone/ tells us about another way (they hack the prepaid phones and track the unique IPs).
No matter if you are an idiot or a tin-foil hatter, you gotta understand that there is only so much you can do.
The world we live in a FREE WORLD for the Big Brothers (commercial or otherwise) to do whatever they want with us.
Even if you only use cash / bitcoin to do purchases, they _still_ can find ways to "understand" you.
I may sound like a defeatist, I may sound as if I have given up. I am not.
I am a realist, though.
No matter what step (or steps) I take to minimize my exposure, they know who I am, where I am, with whom I am, my favorite watering hole, the usual kind of food I take, my regular schedule, and so on...
In one of my previous posts (some moons ago) I mentioned that we need to keep alert 24/7, and someone replied that if I keep on doing that I'm going to go bonker.
Perhaps I have already gone bonker, but then, that's what Big Brothers want anyway.

--
Muchas Gracias, Señor Edward Snowden !
1. Re:Keywords: Tracking can NOT be eliminated by ewieling · 2013-12-11 02:20 · Score: 2
  
  Maybe the only way to win is to not play the game (at least as far as the internet and cellular is concerned). They can't track my internet usage if I don't use the internet, they can't track my location if I don't have a cell phone, they can't track my purchases if I use cash. I'm not ready to give up the convinces of modern technology yet, but each day I get closer. I have drastically reduced my trackable activity though. Eliminated almost all online shopping, eliminated almost all debit card usage, and leave my cell phone in one place most of the time and use my it far, far less. Never used social media web sites so no big loss there. Amazon has lost hundreds of dollars of my business. My bank and VISA have lost income from transaction processing fees because I don't use my debit card much anymore.
  
  --
  I really shouldn't have used someone else's email address for this account.
2. Re:Keywords: Tracking can NOT be eliminated by Vitriol+Angst · 2013-12-11 03:56 · Score: 3, Insightful
  
  They can't track everyone. If you steal what you want, you don't make a purchase. If you use someone else's machine -- they track someone else -- and if you have no relationship and you bounced it through some anonymous service, there are diminishing returns on knowing you. If you know a bit more, you are spoofing MAC addresses and piggy-backing on other users. Or you do nothing electronically related to your nefarious plans.
  In short; the NSA knows more about innocent people and clueless miscreants than it does about real bad guys. While collecting this massive amount of data -- they are distracted.
  Now, if there goal really isn't security but SOMETHING ELSE -- well, then this should work out just fine for them. If it's security -- it's worse than if they did no tracking at all. If I were up to no good, I certainly wouldn't bother with leaving any legitimate tracks.
  
  --
  >>"ad space available -- low rates!!!"
3. Re:Keywords: Tracking can NOT be eliminated by Vitriol+Angst · 2013-12-11 04:02 · Score: 2
  
  I'm sure there are "bulk scanners" going on -- things we are not aware of like Teller Machines and such that are scanning the serial codes.
  I'm fairly sure the have embedded some kind of RFID ribbon in the $100 bill and larger currency. It's not going to track with regular RFID gear, but likely with a specific radio frequency it will give out it's serial number (I mean, that's how I'd do it -- and whatever I COULD do, usually ends up being something that is BEING DONE).
  The NSA is not limiting itself based on any laws or ethics -- it is ONLY limited by technology and imagination. There are efforts to legalize everything or couch it as something else -- and wherever there is a gap, there is just propaganda and PR.
  Think; what COULD YOU DO -- and it's likely actually being done. Tires that can be scanned through devices in roads. Bills that can give out a serial number over radio frequencies. Hidden garbage packets that get sent out in off-band signals from chips on your computer that are involved in communication. Whatever they can do, they have done. We only need a Snowden to provide evidence.
  I've been assuming this since 2000 and I have not been disappointed.
  
  --
  >>"ad space available -- low rates!!!"
4. Re:Keywords: Tracking can NOT be eliminated by ewieling · 2013-12-11 04:18 · Score: 4, Insightful
  
  I don't expect to be able to purchase a vehicle anonymously. I am not trying entirely prevent the government from knowing where I live -- that is not practical. I signed a lease on my apartment, I get a paycheck, I have utilities in my name, I have a car registered in my name. None of those things allow the government to track where I go and what I do as part of a "surveil the entire country" program.
  
  If the government thinks I'm a "bad guy" and specifically targets me then I'm screwed no matter what I do. Unless I'm the target of a criminal investigation they have no valid reason to know where I go, what I buy, or who I communicate with.
  
  --
  I really shouldn't have used someone else's email address for this account.
5. Re:Keywords: Tracking can NOT be eliminated by dead_user · 2013-12-11 05:58 · Score: 2
  
  Absolutely not. I am just saying don't assume cash is totally anonymous, because it isn't.
  This machine captures the serials of 1200 bills a minute. While it counts, verifies and scans each one.
  
  http://www.cumminsallison.com/us/en/products/currency-handling/jetscan-ifx-i100
Re:Who uses Google anymore? by SuricouRaven · 2013-12-11 00:23 · Score: 2

Because:
1. Who else will you use? The other major search providers are just as evil when it comes to tracking.
2. Their algorithms are the best around. A few competitors come close - Bing will do when you're just looking for commonly available information. But when you're hunting the obscure, on a purely technological level, Google just do it best.
1984 wasn't supposed to be a cookbook by joseph90 · 2013-12-11 00:28 · Score: 2

what did they say about absolute power again?
Re:Noise generation / digital haystack by retroworks · 2013-12-11 00:47 · Score: 2

Antiphorm http://www.dslreports.com/forum/r20512864-antiphorm-lite or "cookie camouflage" would be easy and effective at creating a "digital haystack" so big that NSA could not monitor it. But Antiphorm disappeared, and

--
Gently reply
As if ... by gstoddart · 2013-12-11 00:49 · Score: 3, Insightful

For years, privacy advocates have raised concerns about the use of commercial tracking tools to identify and target consumers with advertisements. The online ad industry has said its practices are innocuous and benefit consumers by serving them ads that are more likely to be of interest to them.
No, the advertising industry wants to target ads to us to benefit themselves, and in the process they've made everything we do tracked, monitored, cataloged, and neatly bundled up for sale to someone else.
And since I am not willing to provide them with this, I feel no compunction about blocking cookies, beacons, analytics, and a host of other things.
For website owners who rely on this, too fucking bad. Because your precious content isn't worth trading my privacy for, and I do not give a damn. It's like going to an Italian Restaurant and being told that Vinnie here also needs to get a cut.
I don't believe Google is really interested in stopping collecting user information. They may want to limit what the government can access, and they want to give the appearance of fighting for the consumer. But the big companies like Google who have really made this widespread have a huge financial interest in continuing this practice.
Once you have things like Ghostery and the like installed, and realize just how much crap is on every web page, it's astounding. Hell, right now, on Slashdot I've blocked "Google Analytics", "Google AdWords Converter", a "Scorecard Research" beacon, and whatever the hell "Janrain" is, and something called rpxnow.com -- and Slashdot isn't the "worst" site I've seen. But absolutely none of those sites is entitled to (or is actually receiving) any of my information.
Fuck the lot of them. I've more or less determined the internet is a place where 80% of the big players can't be trusted, so as much as possible, I just deny them the information they want in the first place.
Because, let's face it, doubleclick.com and the like have been douchebags for better part of 15 years. Why would we assume that would ever change?

--
Lost at C:>. Found at C.
The laws need changing/revoking... by advocate_one · 2013-12-11 00:57 · Score: 4, Informative

the problem HERE lies with the National Security Act which allows them to get this data from Google without having to jump through the hoops of having to provide due cause and a proper warrant. National Security Letters should be outlawed...

--
Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
1. Re:The laws need changing/revoking... by Desler · 2013-12-11 01:29 · Score: 3, Interesting
  
  But if these companies didn't have such huge troves of private user data there would be no need to worry about NSLs, etc. They'd have nothing to give over. He's not against bulk collection of data, etc. He's simply against the government competing against him in the data collection realm.
Re:Calling for? by Desler · 2013-12-11 01:14 · Score: 4, Interesting

And this article is amusing in light of the fact that Slashdot has been using Google Analytics and other tools that are feeding this data to Google.
No mention of Snowden? by gumpish · 2013-12-11 04:04 · Score: 2

I guess we're just supposed to assume that any reports like this were made possible by Snowden unless someone says otherwise?