Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Accused of Showing 'Total Contempt' for Android Users' Privacy (bleepingcomputer.com)

Posted by msmash on from the bad-timing dept.

On the heels of a terse privacy debate, Google may have found another thing to worry about: its attempt to rethink the traditional texting system. From a report: Joe Westby is Amnesty International's Technology and Human Rights researcher. Recently, in response to Google's launch of a new messaging service called "Chat", Westby argued that Google, "shows total contempt for Android users' privacy."

"With its baffling decision to launch a messaging service without end-to-end encryption, Google has shown utter contempt for the privacy of Android users and handed a precious gift to cybercriminals and government spies alike, allowing them easy access to the content of Android users' communications. Following the revelations by CIA whistleblower Edward Snowden, end-to-end encryption has become recognized as an essential safeguard for protecting people's privacy when using messaging apps. With this new Chat service, Google shows a staggering failure to respect the human rights of its customers," Westby contended. Westby continued, saying: "In the wake of the recent Facebook data scandal, Google's decision is not only dangerous but also out of step with current attitudes to data privacy."

5 of 100 comments (clear)

  1. Guilty! by amiga3D · · Score: 4, Insightful

    Guilty as charged. I think it's time for some serious anti-trust action in Federal court.

    1. Re:Guilty! by TheRaven64 · · Score: 3, Insightful

      In a previous thread, someone suggested generating and storing one-time pads on phones. It would be quite interesting to use bluetooth when you're physically near one of your contacts to automatically exchange a few tens of MBs of random noise and then use that as a OTP for future messages sent to them. For large attachments (e.g. photos), you could send a 256-bit AES key and then use symmetric encryption for the contents, but still have the OTP for text messages. 10MBs of OTP key would be more text messages than most people send in a year (around 75K, assuming that they are all full length).

      It would be an interesting experiment...

      --
      I am TheRaven on Soylent News
  2. End to end isn't the Google way by TimMD909 · · Score: 1, Insightful

    Google would never allow end-to-end encryption of data that they'd like to mine. Why would anyone be surprised?

  3. Most people dont care by 140Mandak262Jamuna · · Score: 5, Insightful
    You set up web site and offer some trivial thing like 25 cents off a loaf of bread, and ask users to setup an account. They will use the same user name password they use for their bank account, and give you all the security question answers too.

    It is debatable, whether Facebook and Google show more contempt towards privacy than the users themselves

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
  4. Joe Westby is an idiot by viperidaenz · · Score: 4, Insightful

    Chat isn't a replacement for any encrypted communications tool.
    It's a replacement for SMS, which is also not encrypted.
    It's required to be backward compatible with SMS, because not all networks or phones will support it. You can't do end-to-end encryption when one end doesn't support encryption.
    It's required to be operated by cellular carriers, so to be able to be operated in various countries, access to messages is a requirement, like SMS.
    It's required to not have a central set of servers that are operated by a single company, like iMessage, WhatsApp, etc.