Eric Schmidt: To Avoid NSA Spying, Keep Your Data In Google's Services

← Back to Stories (view on slashdot.org)

Eric Schmidt: To Avoid NSA Spying, Keep Your Data In Google's Services

Posted by samzenpus on Monday December 15, 2014 @01:50AM from the no-snooping-zone dept.

jfruh writes Google Chairman Eric Schmidt told a conference on surveillance at the Cato Institute that Edward Snowden's revelations on NSA spying shocked the company's engineers — who then immediately started working on making the company's servers and services more secure. Now, after a year and a half of work, Schmidt says that Google's services are the safest place to store your sensitive data.

25 of 281 comments (clear)

Min score:

Reason:

Sort:

Or better yet by NeoGeo64 · 2014-12-15 01:51 · Score: 5, Insightful

Just keep everything on your hard drive on a computer that is *not* connected to the Internet.
1. Re:Or better yet by nitehawk214 · 2014-12-15 02:13 · Score: 5, Funny
  
  Nope, that wont help you.
  
  --
  I'm a good cook. I'm a fantastic eater. - Steven Brust
2. Re:Or better yet by Zanadou · 2014-12-15 04:34 · Score: 4, Funny
  
  "Beware of the leopard."
Under US Jurisdiction? by xophos · 2014-12-15 01:52 · Score: 5, Insightful

They will be immediately forced to hand over everything and be silent about it.
Until US laws are fixed AND respected, data going to a US Corporation can by definition not be safe.
1. Re:Under US Jurisdiction? by Overzeetop · 2014-12-15 01:59 · Score: 4, Informative
  
  Tell that to SpiderOak.
  
  --
  Is it just my observation, or are there way too many stupid people in the world?
2. Re:Under US Jurisdiction? by Framboise · 2014-12-15 02:07 · Score: 4, Interesting
  
  Google is investing massively abroad, such as in Zurich, Switzerland, where privacy laws are especially strong. Expect that if US laws continue to have negative effects on Google income, the company is going to be more and more international.
3. Re:Under US Jurisdiction? by Anonymous Coward · 2014-12-15 02:30 · Score: 5, Informative
  
  It's not going well for Microsoft. They are requesting data from the servers in Ireland.
4. Re:Under US Jurisdiction? by bickerdyke · 2014-12-15 02:50 · Score: 5, Insightful
  
  Thus far, the most popular way for companies to circumvent this pressure is to try and design encryption systems where they (the corporation) do not hold the ability to decrypt user data.
  At that point, law enforcement can ask all they want, legally or otherwise.
  The grey bearded nerds here may still remember the legend of yore about a company called lavabit and how they tried exactly that....
  
  --
  bickerdyke
5. Re:Under US Jurisdiction? by Registered+Coward+v2 · 2014-12-15 03:16 · Score: 4, Insightful
  
  Google is investing massively abroad, such as in Zurich, Switzerland, where privacy laws are especially strong. Expect that if US laws continue to have negative effects on Google income, the company is going to be more and more international.
  Which is pretty much irrelevant when it comes to a US Court requiring them to turn over the data if they have it. It used to be, in the age of paper, that stuff could be kept off-shore making it essentially unreachable; especially since no one might even now it existed unless someone told the authorities. Now, a US corporations data is essentially one big collection of stuff to be made available on demand; and refusal to turn it over could result in fines and contempt charges. In the end, he with the biggest stick wins.
  
  --
  I'm a consultant - I convert gibberish into cash-flow.
6. Re:Under US Jurisdiction? by kheldan · 2014-12-15 03:45 · Score: 4, Insightful
  
  Amplifying the OP here. I know people in general seem to be getting dumber and dumber with every passing decade, but have people reached the point where Google can say stupid shit like this and really expect everyone to believe it? You may as well just call the FBI, NSA, CIA, DHS, and whoever else wants to snoop on everyone, and ask them to create a share on their servers for your most-personal, most-important data, and store it in the clear, at least that way you'd save some tax dollars. For fuck's sake people, 'the cloud' is a bad joke. You want to keep your personal data safe from snooping? Do as at least one other commenter on this story has said: Put it on a storage device not connected in any way to the Internet. We do not live in a day and age where the government gives a flying fuck about your 'right to privacy', if these bastards had their way we'd all be living in a world where George Orwell's 1984 would look warm and fuzzy by comparison.
  
  --
  Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
7. Re:Under US Jurisdiction? by oldmac31310 · 2014-12-15 04:20 · Score: 5, Funny
  
  They're after me lucky charms! - Bill Gates
  
  --
  http://www.acetonestudio.com
8. Re:Under US Jurisdiction? by willy_me · 2014-12-15 05:18 · Score: 4, Insightful
  
  But Google makes money from targeted advertising - and they need to see your data for that. Google will always have the ability to view data stored on their servers because that is their basic business model. One has to pay for what you described. Apple claims to provide such a service. You pay for this indirectly by purchasing an Apple device.
  So unless you shell out some cash there is no way to get free stable encrypted storage. The idea is nice, but economically unfeasible.
9. Re:Under US Jurisdiction? by Shadow+IT+Ninja · 2014-12-15 06:14 · Score: 5, Informative
  
  As I remember, Lavabit was intended to not have the ability to decrypt user data but, in fact, there were at least two ways unanticipated by the designers. One way is to wait until a user logs on again and capture their key. The mistake here was that encryption is performed on the server and not on the user's own machine before sending to Lavabit. The other thing, which is apparently what was requested in the court order, was to give up their private SSL key which the government agencies would then use to decrypt previously captured network traffic and recover the keys of, potentially, every Lavabit user. One issue here is the same as before. They were sending keys over the internet when the only safe way to do it is to keep the storage encryption process entirely client side. The other thing was that they were not using Perfect Forward Secrecy, which would have created a different temporary key for each SSL session and discarded it after transfer. They were using traditional SSL where every transfer going to the server is encrypted with the one public key matching the site's SSL certificate.
  
  Levison (owner of Lavabit) also made the big mistake of trying to answer the court order himself without getting a lawyer first. He bolloxed the legal argument which is why he ended up getting finded.
10. Re:Under US Jurisdiction? by shaitand · 2014-12-15 07:19 · Score: 4, Informative
  
  The government doesn't need to request your account, they can request google's own keys and never tell google what they are actually looking at.
11. Re:Under US Jurisdiction? by Grishnakh · 2014-12-15 07:46 · Score: 4, Interesting
  
  at this point we should be storming the Pentagon / White House / Senate en masse to demand and take real freedom. There is no terrorist threat that actually warrants this level of intrusion, our own police seem to be better at killing defenceless citizens than terrorists anyway over the last year.
  The problem is that most Americans are perfectly happy with the police acting this way. Yes, there's a minority of Americans who are outraged, but most of them thing it's just fine. Just look at the online comments any time one of these incidents happens; most Americans think the victim got what he deserved.
For sure. by ruir · 2014-12-15 01:53 · Score: 5, Insightful

Why not keep the data in the police station? I am sure it would work better than at googles. Is this article a freaking joke? It is not the 1st of April yet last time I checked.
1. Re:For sure. by TheGratefulNet · 2014-12-15 02:05 · Score: 5, Insightful
  
  google: "we're upping our doublethink. so, up yours!"
  this is a 'trust me, the sky is green' moment for google. they have had lots of those, lately, too.
  
  --
  
  --
  "It is now safe to switch off your computer."
As Bender would say... by Anonymous Coward · 2014-12-15 02:06 · Score: 5, Funny

To quote Bender:
HA HA HA HA HA HA!
Oh wait! You're serious. Then let me laugh even harder!
HAAAHAAAAHAAAAAAAAAAAAAAAAA
The cloud is... by Anonymous Coward · 2014-12-15 02:07 · Score: 5, Insightful

...about control.
Them moment you put ANYTHING in the cloud, you are relinquishing control of your data. PERIOD.
Who gives a shit if they are reading your stuff....if you are that concerned about it, it does not take much to make it unreadable via encryption....
The real issue is you are basically giving the keys of your kingdom to somebody else.....Encrypted or not, they can block your access to it and shut you down. Any time they want. PERIOD. And if/when it happens THERE WILL BE NOTHING YOU CAN DO ABOUT IT. Sure you can sue and spend years in court, but I do not know any company that can survive years and years without producing/selling anything until this mess is sorted out.
Offline copies you say? Then you basically got suckered into paying for services for a cloud provider AND keep your own infrastructure.....
Pay 2 cloud providers? At that point I think it is cheaper to simply not pay anybody and build your own infrastructure.....
The cloud is an interesting idea, hardly new concept though: we are essentially transitioning back to the days of big powerful central mainframes that companies such as IBM had a stranglehold on and had their clients paying "protection" money that would make the mafia green with envy....
Do no evil, right? by Noryungi · 2014-12-15 02:07 · Score: 5, Insightful

Here is my problem: Google has a long history of cooperating with NSA.
Don't believe me? Fine: read these links instead... Yahoo News article about cooperation between Google and NSA, Guardian article, Tom's Guide article.
Even if Google does not/did not/will not cooperate with NSA, Eric Schmidt himself has been cooperating with the US Government, which cast serious doubts about his desire to protect the private information of Google clients.
Again, don't believe me? Fine, read this instead: Julian Assange on Eric Schmidt. Or (even better) this transcript.
Even if Eric Schmidt does not cooperate with the US Government, he has said himself, repeatedly, that privacy is dead and that it's something for hackers.
Don't believe me? Fine, read this instead: EFF article, Gawker article.
In other words, a company that cooperated with the NSA, led by a man who does not care about your privacy (but cares very much about his) is telling you that there is nothing to see here, sure we are protecting your privacy, please buy our products, we are safe and professionals and there is nothing to be afraid of.
Seriously? How come this gasbag is a freaking CEO, paid millions of dollars a year?

--
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
No - Keep Your Data Home by pubwvj · 2014-12-15 02:09 · Score: 5, Insightful

No, if you want to avoid NSA spying then keep your data out of the cloud and off the web. Keep your data at home. It's that easy.
comments like that... by Cardoor · 2014-12-15 02:12 · Score: 5, Interesting

can discredit anything and everything you have ever said before publicly. then again, i wonder if it's reached the point of kabuki theatre such that he's trying to deliberately be ridiculous to communicate in the only way he can. kind of like when a hostage deliberately oversells his 'newfound devotion' to his captors' cause to try and communicate that there's a gun pointed at his head.
I feel safer with NSA than Google by david.emery · 2014-12-15 02:24 · Score: 4, Insightful

All things considered, I trust the NSA more with my data. At least they're not in the business of selling it.
Re:"safe" by rossdee · 2014-12-15 02:36 · Score: 5, Funny

"Ah, this is obviously some strange use of the word safe that I wasn't previously aware of.” - Arthur Dent
Is it safe? by matbury · 2014-12-15 02:51 · Score: 5, Interesting

It's worse than most people seem to realise. Schmidt isn't just lying, he's willingly getting Google in deeper with the NSA because, you know, the bottom line: It's very, very profitable (tax payers dollars are always the most profitable source) and the market insists that corporations go where the money is. Google appear to be doing everything they can to get into the international espionage business via their departments like "Google Ideas", which is effectively a department within the US State Department. They consult with governments and corporations to help them with their commercial and political "issues." You know, the kinds of issues that some governments and corporations don't like, such as popular protest movements, environmental campaigning, human rights protection and enforcement, exposing political corruption, etc. Google can provide such governments and corporations with very helpful data on who these "trouble makers" are, where they've been, who they've talked to, and what they may be planning to do next.
Perhaps we should be more insistent when interviewing Schmidt about our data: Is it safe? https://www.youtube.com/watch?... I mean, it's the kind of thing that he's endorsing, enabling, and promoting by getting into bed with the current NSA, CIA, DoJ, and State Department. It's only fair that he should be treated equally.