They are making a whole-sale copy of they internet, you simply compel google to give up their certs, replicate their infrastructure and software and have a real-time copy of the same info under your control being fed by shadow copy of the Internet
First, having certs does no good -- which is good because those are public information which Google sends to every browser that asks for them. Perhaps you meant private keys? Giving those keys would constitute providing indirect access, which Google has specifically said it does not do. Google's disclaimers have been pretty thorough; there aren't any significant loopholes. Either Google is lying, the NSA does not actually have access to gmail data, or the NSA has achieved a tremendous espionage coup and managed to keep it secret from Google.
Not really an answer to the question, but good security design should focus on identifying all of the relevant threats (aka a "threat model") and mitigating all of them to the degree that makes sense -- and any good threat model will inevitably identify insider threats as the highest risks most at need of mitigation, because, by definition, insiders have greater opportunities to conduct attacks, and they have roughly the same motives as external attackers.
If you find that your organization doesn't spend 95+% of its security time, money and effort on foiling insider attacks, it's almost certainly not doing a good job. If it is adequately hardened against insiders it'll be darned near impossible for outsiders.
My impression of the NSA has always been one of an extremely high degree of competence, so the Snowden leaks surprised me. You can't stop insiders from gaining access to the data they need to do their jobs, of course (though you can often segment job responsibilities to minimize it), but you can and should make it a lot harder for them to get access to other sensitive data, and Snowden was apparently able to get a lot of stuff that wasn't relevant to his responsibilities.
I just tested it, and an unencrypted search for GOSIP does not redirect to an encrypted session, so no certificate at all. The reason I asked about China is because I think I read something about Google choosing to redirect some searches to HTTPS in order to defeat filtering by the Great Firewall.
I don't believe that's possible, and I'm certain that Google would fight it, hard, because of the potential for damage to Google's business.
I doubt the *SMTP* connections delivering mail to/from Google servers are all encrypted, regardless of the webmail interface.
Google uses SMTP over TLS whenever possible. Unfortunately, most other mail providers don't support it, so I believe SMTP traffic to and from Google is often unencrypted. Email from one Google account to another doesn't have that problem, of course.
Not impossible, but I happen to know quite a bit about how Google's private keys are stored and distributed to the front-end reverse proxy servers... and it would be difficult. They'd have to compromise one of a small number of people who would be fairly resistant to the idea.
Apparently entering searches in the search bar sent them in the clear
That's certainly possible. It depends on how Firefox's default search engine is configured. If you want to be sure your searches are encrypted, go change the setting to use https://google.com./
Apparently entering searches in the search bar sent them in the clear and certain keywords could trigger a new certificate. Put in the same keyword and nothing happens you need to find a new keyword to trigger a new certificate. I used one of those lists with supposedly sensitive keywords.
That's impossible. The session encryption negotiation is done prior to any data being sent, so the certificate provided by the server, and used to encrypt the session key, is delivered to the browser before Google receives any keywords.
What about equipment "just outside" their networks, or accessing whatever Google considers non-user data?
Well, since nearly all Google traffic is encrypted, equipment just outside their networks wouldn't do much good. And Google considers all data in any way related to users to be user data
I'd be surprised if (unknown to Google) they aren't employing some people who also work for the NSA.
That could certainly be. However, Google security is pretty deep, and focuses at least as much on securing against insider threats as outsider threats. Those NSA employees would have to be extremely well-placed. (I work for Google, on security infrastructure, which means I know whereof I speak, but also that I can't provide much detail.)
Through a secret court?
Where that's what the law says, then yes. I think it's very clear that we have some deep public policy problems. However, Google's claim is that the number of requests they receive is small and affects only a tiny number of users. Unfortunately, the law doesn't allow them to be more specific, which is why they're suing.
Hopefully we can get more transparency, and it's good that Google are pushing for that.
Agreed. We absolutely need more transparency, and it's great that a company with the clout and resources of Google is pushing for it. It doesn't even matter whether they're pushing for it because they think it's a good thing in general or because the allegations are damaging to their business model.
The problem is that now, thanks to the PRISM leaks, no one believes Google. Not even a little bit.
That is a problem, indeed. It's why Google has filed suit against the DoJ, because Google can't provide the details needed to defend itself.
And yes, they can be legally compelled to lie and if they are so compelled they will be shielded from any consequences of those lies
Cite? As far as I know, the telecoms never lied. They refused to answer, and then eventually admitted to it. I could be wrong, however, since my memories of the details are fuzzy. But a few web searches seem to support my recollections. Yes, they definitely were shielded from any legal consequences.
But even if Google were shielded from legal consequences, Google could not be shielded from the extremely severe and irreparable PR consequences. Google might be able to recover from proof of the allegations by coming clean and promising to do better, but proof that the allegations were true and that Google lied would be disastrous for a company with Google's current business model. Remember that unlike the telecoms which have local monopolies, a national oligopoly and fairly high switching costs, Google's competition is just a click away.
I see three options:
1. Google is telling the truth.
2. Google is lying and is absolutely certain that it can never, ever be proven.
3. Google's executives are idiots.
I know 3 is false, and arguably it would have to be true for Google's execs to believe that their lies could never be proven, per 2. I think they're telling the truth.
(Disclaimer: I should mention that I work for Google. However, if the PRISM allegations were supported, I probably wouldn't be working for Google much longer, and neither would an awful lot of other people, including many who are far more talented and valuable than I am.)
I'm guessing MIT haven't tapped Google's fibre like the NSA so are doing it on a consent based basis, but no, I haven't read TFA.
I don't think tapping Google's fiber would do the NSA that much good. All traffic between gmail servers and gmail users is encrypted. They could get traffic between Google's SMTP servers and other mail providers, because although Google uses SMTP over TLS when talking to any other provider that supports it, few do, but messages between gmail accounts are never transmitted in cleartext.
If you argue that the NSA can lean on certificate authorities to let them spoof Google certs, I think that approach is unlikely to succeed. First, even if CAs cooperated the NSA would need to use it sparingly, because it's likely that eventually someone would notice that they're getting different -- though apparently valid -- certs, especially since all valid certs from Google should be issued by Google's CA. Second, the fact that Chrome pins all Google certs by default makes the odds of discovery even higher. In fact, that's how the DigiNotar compromise was surfaced; someone tried to use the compromised signing key to spoof a Google cert and Chrome threw up big red error pages.
The tool shows what the NSA could know about you if they had access to your gmail. However, Google rather staunchly maintains that the NSA does not have any access to Google user data, with the exception of specific information about specific individuals when proper legal documentation has been provided and reviewed by Google's legal team, and even then the NSA does not have access to Google's servers; Google retrieves the specific data requested by the order and delivers it to the requestor.
Unless Google is flat-out lying of course. I don't believe that is true; I don't think Google could be legally compelled to lie, and I don't think the CEO and legal counsel legally can lie to the public, but you have to make your own evaluation on that point.
The US spends $8 per passenger flight. The Israeli's spend $80.
So, all you need to do is find 50-60 billion dollars a year to get the US up to Israel's standard.
It would cost a lot more than that.
Airports would have to be completely redesigned to provide massive security processing halls, staffed by hundreds, if not thousands, of security personnel to handle the high volumes of US air travel at major airports. Passengers would also have to be willing to accept 1-2 hours going through security as a norm, with particularly busy times and days being even worse. They would also have to accept having all of their bags hand-searched and being questioned about any unusual items, and they would have to accept being interrogated in detail about their reasons for travel, what they did, where they went, who they met with... and they would have to accept the investigators actually checking up on their statements. And if they ever got comfortable with this, they'd have to accept further increases in the level of scrutiny, because the whole purpose of all of it is to make them uncomfortable and nervous, so that the security personnel can watch their reactions.
If you've ever been through Israeli security, you know that you don't want to go through that ordeal on a regular basis.
Don't you mean paint it white?
Otherwise, it will absorb heat instead of reflect it.
No, black. As well as absorbing energy better, black surfaces also emit energy better. That's actually why the SR-71 Blackbird is black, because the black paint helps it to cool faster.
The GP mentioned putting a mirror in front of it to block incoming radiant energy, and the black paint would help it radiate.
This is just Google collecting all of the worlds data, just like they said they were doing to do.
The Droid X2 was released on May 11, 2011. Google announced their intention to acquire Motorola Mobility on August 15, 2011, and completed the acquisition on May 22, 2012.
I've only seen it once, and I only had to give the girl one warning. She called me a fucking asshole and told me to get the fuck out of her face, but she put the phone away and did not use it again. I almost complained to the management just for her language (this was a family movie), but decided just to let it go unless she pulled the phone out again.
However, I have also noticed that while the theater's pre-movie warnings used to be friendly, gentle reminders, they've changed to pretty stern warnings making clear that phone usage will not be tolerated and that offenders will be kicked out, not receive a refund, and potentially be asked never to return. So there has obviously been enough trouble to warrant the sterner warnings.
Come to think of it, I think that single incident was during the "friendly reminder" era.
Anything that goes cleartext is available to them - even if you use SSL to connect to your gmail server, unless you're emailing someone else on gmail it'll still go cleartext to the SMTP server at the other end.
True, unless the remote server implements SMTP over TLS. Google opportunistically uses that whenever it's available. Unfortunately, basically none of the big mail providers (other than Google) do SSMTP, and it's hit and miss on the smaller ones. They should all do it.
They are also certain to have the ability to spoof SSL certificates - not via any high-tech method, but simply by leaning on the root CAs to sign them - but I imagine they'd use that trick sparingly to avoid detection.
Very sparingly. Among other things, Chrome automatically pins all Google certs and screams loudly if a cert changes when it shouldn't. That's actually how the DigiNotar breach was discovered; someone tried to use a bogus google.com certificate and Chrome users got a bunch of red screens and complained. I suppose they could try to identify Chrome browsers and avoid MITMing those connections, but that's difficult because the TLS parameters are negotiated before the HTTP traffic begins, meaning before the useragent string is sent. They'd have to identify the browser by looking at unencrypted traffic to another destination first, and even that's a bit risky due to agent string spoofing.
Can you reproduce?
Already addressed in my comments about certificates and certificate pinning, see above.
I have, several times. Perhaps I missed it in this thread. It's on my /. profile.
They are making a whole-sale copy of they internet, you simply compel google to give up their certs, replicate their infrastructure and software and have a real-time copy of the same info under your control being fed by shadow copy of the Internet
First, having certs does no good -- which is good because those are public information which Google sends to every browser that asks for them. Perhaps you meant private keys? Giving those keys would constitute providing indirect access, which Google has specifically said it does not do. Google's disclaimers have been pretty thorough; there aren't any significant loopholes. Either Google is lying, the NSA does not actually have access to gmail data, or the NSA has achieved a tremendous espionage coup and managed to keep it secret from Google.
Not really an answer to the question, but good security design should focus on identifying all of the relevant threats (aka a "threat model") and mitigating all of them to the degree that makes sense -- and any good threat model will inevitably identify insider threats as the highest risks most at need of mitigation, because, by definition, insiders have greater opportunities to conduct attacks, and they have roughly the same motives as external attackers.
If you find that your organization doesn't spend 95+% of its security time, money and effort on foiling insider attacks, it's almost certainly not doing a good job. If it is adequately hardened against insiders it'll be darned near impossible for outsiders.
My impression of the NSA has always been one of an extremely high degree of competence, so the Snowden leaks surprised me. You can't stop insiders from gaining access to the data they need to do their jobs, of course (though you can often segment job responsibilities to minimize it), but you can and should make it a lot harder for them to get access to other sensitive data, and Snowden was apparently able to get a lot of stuff that wasn't relevant to his responsibilities.
I don't believe it's possible for Google to be legally compelled to lie, but I could be wrong.
I just tested it, and an unencrypted search for GOSIP does not redirect to an encrypted session, so no certificate at all. The reason I asked about China is because I think I read something about Google choosing to redirect some searches to HTTPS in order to defeat filtering by the Great Firewall.
4. Google is compelled by law to lie.
I don't believe that's possible, and I'm certain that Google would fight it, hard, because of the potential for damage to Google's business.
I doubt the *SMTP* connections delivering mail to/from Google servers are all encrypted, regardless of the webmail interface.
Google uses SMTP over TLS whenever possible. Unfortunately, most other mail providers don't support it, so I believe SMTP traffic to and from Google is often unencrypted. Email from one Google account to another doesn't have that problem, of course.
Not impossible, but I happen to know quite a bit about how Google's private keys are stored and distributed to the front-end reverse proxy servers... and it would be difficult. They'd have to compromise one of a small number of people who would be fairly resistant to the idea.
Do you have any example keywords? Also, are you located in China?
Apparently entering searches in the search bar sent them in the clear
That's certainly possible. It depends on how Firefox's default search engine is configured. If you want to be sure your searches are encrypted, go change the setting to use https://google.com./
Apparently entering searches in the search bar sent them in the clear and certain keywords could trigger a new certificate. Put in the same keyword and nothing happens you need to find a new keyword to trigger a new certificate. I used one of those lists with supposedly sensitive keywords.
That's impossible. The session encryption negotiation is done prior to any data being sent, so the certificate provided by the server, and used to encrypt the session key, is delivered to the browser before Google receives any keywords.
The coefficient of friction usually changes with the contact area.
What about equipment "just outside" their networks, or accessing whatever Google considers non-user data?
Well, since nearly all Google traffic is encrypted, equipment just outside their networks wouldn't do much good. And Google considers all data in any way related to users to be user data
I'd be surprised if (unknown to Google) they aren't employing some people who also work for the NSA.
That could certainly be. However, Google security is pretty deep, and focuses at least as much on securing against insider threats as outsider threats. Those NSA employees would have to be extremely well-placed. (I work for Google, on security infrastructure, which means I know whereof I speak, but also that I can't provide much detail.)
Through a secret court?
Where that's what the law says, then yes. I think it's very clear that we have some deep public policy problems. However, Google's claim is that the number of requests they receive is small and affects only a tiny number of users. Unfortunately, the law doesn't allow them to be more specific, which is why they're suing.
Hopefully we can get more transparency, and it's good that Google are pushing for that.
Agreed. We absolutely need more transparency, and it's great that a company with the clout and resources of Google is pushing for it. It doesn't even matter whether they're pushing for it because they think it's a good thing in general or because the allegations are damaging to their business model.
The problem is that now, thanks to the PRISM leaks, no one believes Google. Not even a little bit.
That is a problem, indeed. It's why Google has filed suit against the DoJ, because Google can't provide the details needed to defend itself.
And yes, they can be legally compelled to lie and if they are so compelled they will be shielded from any consequences of those lies
Cite? As far as I know, the telecoms never lied. They refused to answer, and then eventually admitted to it. I could be wrong, however, since my memories of the details are fuzzy. But a few web searches seem to support my recollections. Yes, they definitely were shielded from any legal consequences.
But even if Google were shielded from legal consequences, Google could not be shielded from the extremely severe and irreparable PR consequences. Google might be able to recover from proof of the allegations by coming clean and promising to do better, but proof that the allegations were true and that Google lied would be disastrous for a company with Google's current business model. Remember that unlike the telecoms which have local monopolies, a national oligopoly and fairly high switching costs, Google's competition is just a click away.
I see three options:
1. Google is telling the truth.
2. Google is lying and is absolutely certain that it can never, ever be proven.
3. Google's executives are idiots.
I know 3 is false, and arguably it would have to be true for Google's execs to believe that their lies could never be proven, per 2. I think they're telling the truth.
(Disclaimer: I should mention that I work for Google. However, if the PRISM allegations were supported, I probably wouldn't be working for Google much longer, and neither would an awful lot of other people, including many who are far more talented and valuable than I am.)
I'm guessing MIT haven't tapped Google's fibre like the NSA so are doing it on a consent based basis, but no, I haven't read TFA.
I don't think tapping Google's fiber would do the NSA that much good. All traffic between gmail servers and gmail users is encrypted. They could get traffic between Google's SMTP servers and other mail providers, because although Google uses SMTP over TLS when talking to any other provider that supports it, few do, but messages between gmail accounts are never transmitted in cleartext.
If you argue that the NSA can lean on certificate authorities to let them spoof Google certs, I think that approach is unlikely to succeed. First, even if CAs cooperated the NSA would need to use it sparingly, because it's likely that eventually someone would notice that they're getting different -- though apparently valid -- certs, especially since all valid certs from Google should be issued by Google's CA. Second, the fact that Chrome pins all Google certs by default makes the odds of discovery even higher. In fact, that's how the DigiNotar compromise was surfaced; someone tried to use the compromised signing key to spoof a Google cert and Chrome threw up big red error pages.
The tool shows what the NSA could know about you if they had access to your gmail. However, Google rather staunchly maintains that the NSA does not have any access to Google user data, with the exception of specific information about specific individuals when proper legal documentation has been provided and reviewed by Google's legal team, and even then the NSA does not have access to Google's servers; Google retrieves the specific data requested by the order and delivers it to the requestor.
In addition to the previous public statements, David Drummond just published the following op-ed in faz.net (in German): http://www.faz.net/aktuell/wirtschaft/unternehmen/gastbeitrag-von-david-drummond-gleichgewicht-zwischen-sicherheit-und-buergerrechten-12272710.html. Here's a Google+ post that contains an English translation: https://plus.google.com/u/0/105603626919803672092/posts/bT7ndyhJmUk
Unless Google is flat-out lying of course. I don't believe that is true; I don't think Google could be legally compelled to lie, and I don't think the CEO and legal counsel legally can lie to the public, but you have to make your own evaluation on that point.
The US spends $8 per passenger flight. The Israeli's spend $80.
So, all you need to do is find 50-60 billion dollars a year to get the US up to Israel's standard.
It would cost a lot more than that.
Airports would have to be completely redesigned to provide massive security processing halls, staffed by hundreds, if not thousands, of security personnel to handle the high volumes of US air travel at major airports. Passengers would also have to be willing to accept 1-2 hours going through security as a norm, with particularly busy times and days being even worse. They would also have to accept having all of their bags hand-searched and being questioned about any unusual items, and they would have to accept being interrogated in detail about their reasons for travel, what they did, where they went, who they met with... and they would have to accept the investigators actually checking up on their statements. And if they ever got comfortable with this, they'd have to accept further increases in the level of scrutiny, because the whole purpose of all of it is to make them uncomfortable and nervous, so that the security personnel can watch their reactions.
If you've ever been through Israeli security, you know that you don't want to go through that ordeal on a regular basis.
Don't you mean paint it white? Otherwise, it will absorb heat instead of reflect it.
No, black. As well as absorbing energy better, black surfaces also emit energy better. That's actually why the SR-71 Blackbird is black, because the black paint helps it to cool faster.
The GP mentioned putting a mirror in front of it to block incoming radiant energy, and the black paint would help it radiate.
This is just Google collecting all of the worlds data, just like they said they were doing to do.
The Droid X2 was released on May 11, 2011. Google announced their intention to acquire Motorola Mobility on August 15, 2011, and completed the acquisition on May 22, 2012.
You're right, Google isn't known for shutting down services randomly.
Only services that don't have much usage. I submit that maps and streetview are not in that category.
Google owns the data and all its redistribution rights. It can choose to restrict access whenever it wants.
But why would it?
This is significantly different. Slashdot does not have exclusive rights to redistribute what I write here.
Exclusive, no, rights, yes. After all, they just redistributed it to me.
The young'uns are mostly texting. It's annoying if you're attempting to converse with one of them
Or if they're sitting in front of you in a darkened movie theater.
I've only seen it once, and I only had to give the girl one warning. She called me a fucking asshole and told me to get the fuck out of her face, but she put the phone away and did not use it again. I almost complained to the management just for her language (this was a family movie), but decided just to let it go unless she pulled the phone out again.
However, I have also noticed that while the theater's pre-movie warnings used to be friendly, gentle reminders, they've changed to pretty stern warnings making clear that phone usage will not be tolerated and that offenders will be kicked out, not receive a refund, and potentially be asked never to return. So there has obviously been enough trouble to warrant the sterner warnings.
Come to think of it, I think that single incident was during the "friendly reminder" era.
Anything that goes cleartext is available to them - even if you use SSL to connect to your gmail server, unless you're emailing someone else on gmail it'll still go cleartext to the SMTP server at the other end.
True, unless the remote server implements SMTP over TLS. Google opportunistically uses that whenever it's available. Unfortunately, basically none of the big mail providers (other than Google) do SSMTP, and it's hit and miss on the smaller ones. They should all do it.
They are also certain to have the ability to spoof SSL certificates - not via any high-tech method, but simply by leaning on the root CAs to sign them - but I imagine they'd use that trick sparingly to avoid detection.
Very sparingly. Among other things, Chrome automatically pins all Google certs and screams loudly if a cert changes when it shouldn't. That's actually how the DigiNotar breach was discovered; someone tried to use a bogus google.com certificate and Chrome users got a bunch of red screens and complained. I suppose they could try to identify Chrome browsers and avoid MITMing those connections, but that's difficult because the TLS parameters are negotiated before the HTTP traffic begins, meaning before the useragent string is sent. They'd have to identify the browser by looking at unencrypted traffic to another destination first, and even that's a bit risky due to agent string spoofing.