Slashdot Mirror

← Back to Stories (view on slashdot.org)

Eric Schmidt: To Avoid NSA Spying, Keep Your Data In Google's Services

Posted by samzenpus on from the no-snooping-zone dept.

jfruh writes Google Chairman Eric Schmidt told a conference on surveillance at the Cato Institute that Edward Snowden's revelations on NSA spying shocked the company's engineers — who then immediately started working on making the company's servers and services more secure. Now, after a year and a half of work, Schmidt says that Google's services are the safest place to store your sensitive data.

16 of 281 comments (clear)

  1. Or better yet by NeoGeo64 · · Score: 5, Insightful

    Just keep everything on your hard drive on a computer that is *not* connected to the Internet.

    1. Re:Or better yet by nitehawk214 · · Score: 5, Funny

      Nope, that wont help you.

      --
      I'm a good cook. I'm a fantastic eater. - Steven Brust
  2. Under US Jurisdiction? by xophos · · Score: 5, Insightful

    They will be immediately forced to hand over everything and be silent about it.
    Until US laws are fixed AND respected, data going to a US Corporation can by definition not be safe.

    1. Re:Under US Jurisdiction? by Anonymous Coward · · Score: 5, Informative

      It's not going well for Microsoft. They are requesting data from the servers in Ireland.

    2. Re:Under US Jurisdiction? by bickerdyke · · Score: 5, Insightful

      Thus far, the most popular way for companies to circumvent this pressure is to try and design encryption systems where they (the corporation) do not hold the ability to decrypt user data.

      At that point, law enforcement can ask all they want, legally or otherwise.

      The grey bearded nerds here may still remember the legend of yore about a company called lavabit and how they tried exactly that....

      --
      bickerdyke
    3. Re:Under US Jurisdiction? by oldmac31310 · · Score: 5, Funny

      They're after me lucky charms! - Bill Gates

      --
      http://www.acetonestudio.com
    4. Re:Under US Jurisdiction? by Shadow+IT+Ninja · · Score: 5, Informative

      As I remember, Lavabit was intended to not have the ability to decrypt user data but, in fact, there were at least two ways unanticipated by the designers. One way is to wait until a user logs on again and capture their key. The mistake here was that encryption is performed on the server and not on the user's own machine before sending to Lavabit. The other thing, which is apparently what was requested in the court order, was to give up their private SSL key which the government agencies would then use to decrypt previously captured network traffic and recover the keys of, potentially, every Lavabit user. One issue here is the same as before. They were sending keys over the internet when the only safe way to do it is to keep the storage encryption process entirely client side. The other thing was that they were not using Perfect Forward Secrecy, which would have created a different temporary key for each SSL session and discarded it after transfer. They were using traditional SSL where every transfer going to the server is encrypted with the one public key matching the site's SSL certificate.

      Levison (owner of Lavabit) also made the big mistake of trying to answer the court order himself without getting a lawyer first. He bolloxed the legal argument which is why he ended up getting finded.

  3. For sure. by ruir · · Score: 5, Insightful

    Why not keep the data in the police station? I am sure it would work better than at googles. Is this article a freaking joke? It is not the 1st of April yet last time I checked.

    1. Re:For sure. by TheGratefulNet · · Score: 5, Insightful

      google: "we're upping our doublethink. so, up yours!"

      this is a 'trust me, the sky is green' moment for google. they have had lots of those, lately, too.

      --

      --
      "It is now safe to switch off your computer."
  4. As Bender would say... by Anonymous Coward · · Score: 5, Funny

    To quote Bender:

    HA HA HA HA HA HA!

    Oh wait! You're serious. Then let me laugh even harder!

    HAAAHAAAAHAAAAAAAAAAAAAAAAA

  5. The cloud is... by Anonymous Coward · · Score: 5, Insightful

    ...about control.

    Them moment you put ANYTHING in the cloud, you are relinquishing control of your data. PERIOD.

    Who gives a shit if they are reading your stuff....if you are that concerned about it, it does not take much to make it unreadable via encryption....

    The real issue is you are basically giving the keys of your kingdom to somebody else.....Encrypted or not, they can block your access to it and shut you down. Any time they want. PERIOD. And if/when it happens THERE WILL BE NOTHING YOU CAN DO ABOUT IT. Sure you can sue and spend years in court, but I do not know any company that can survive years and years without producing/selling anything until this mess is sorted out.

    Offline copies you say? Then you basically got suckered into paying for services for a cloud provider AND keep your own infrastructure.....
    Pay 2 cloud providers? At that point I think it is cheaper to simply not pay anybody and build your own infrastructure.....

    The cloud is an interesting idea, hardly new concept though: we are essentially transitioning back to the days of big powerful central mainframes that companies such as IBM had a stranglehold on and had their clients paying "protection" money that would make the mafia green with envy....

  6. Do no evil, right? by Noryungi · · Score: 5, Insightful

    Here is my problem: Google has a long history of cooperating with NSA.

    Don't believe me? Fine: read these links instead... Yahoo News article about cooperation between Google and NSA, Guardian article, Tom's Guide article.

    Even if Google does not/did not/will not cooperate with NSA, Eric Schmidt himself has been cooperating with the US Government, which cast serious doubts about his desire to protect the private information of Google clients.

    Again, don't believe me? Fine, read this instead: Julian Assange on Eric Schmidt. Or (even better) this transcript.

    Even if Eric Schmidt does not cooperate with the US Government, he has said himself, repeatedly, that privacy is dead and that it's something for hackers.

    Don't believe me? Fine, read this instead: EFF article, Gawker article.

    In other words, a company that cooperated with the NSA, led by a man who does not care about your privacy (but cares very much about his) is telling you that there is nothing to see here, sure we are protecting your privacy, please buy our products, we are safe and professionals and there is nothing to be afraid of.

    Seriously? How come this gasbag is a freaking CEO, paid millions of dollars a year?

    --
    The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
  7. No - Keep Your Data Home by pubwvj · · Score: 5, Insightful

    No, if you want to avoid NSA spying then keep your data out of the cloud and off the web. Keep your data at home. It's that easy.

  8. comments like that... by Cardoor · · Score: 5, Interesting

    can discredit anything and everything you have ever said before publicly. then again, i wonder if it's reached the point of kabuki theatre such that he's trying to deliberately be ridiculous to communicate in the only way he can. kind of like when a hostage deliberately oversells his 'newfound devotion' to his captors' cause to try and communicate that there's a gun pointed at his head.

  9. Re:"safe" by rossdee · · Score: 5, Funny

    "Ah, this is obviously some strange use of the word safe that I wasn't previously aware of.” - Arthur Dent

  10. Is it safe? by matbury · · Score: 5, Interesting

    It's worse than most people seem to realise. Schmidt isn't just lying, he's willingly getting Google in deeper with the NSA because, you know, the bottom line: It's very, very profitable (tax payers dollars are always the most profitable source) and the market insists that corporations go where the money is. Google appear to be doing everything they can to get into the international espionage business via their departments like "Google Ideas", which is effectively a department within the US State Department. They consult with governments and corporations to help them with their commercial and political "issues." You know, the kinds of issues that some governments and corporations don't like, such as popular protest movements, environmental campaigning, human rights protection and enforcement, exposing political corruption, etc. Google can provide such governments and corporations with very helpful data on who these "trouble makers" are, where they've been, who they've talked to, and what they may be planning to do next.

    Perhaps we should be more insistent when interviewing Schmidt about our data: Is it safe? https://www.youtube.com/watch?... I mean, it's the kind of thing that he's endorsing, enabling, and promoting by getting into bed with the current NSA, CIA, DoJ, and State Department. It's only fair that he should be treated equally.