What is the outcome that you think is just? Should executives go to jail? Should an independent commission be established by the UN to investigate? Should Google pay every man woman and child in 28 countries that might have been 'violated', some amount of money? Does Google need to cease to exist because of this? Is bad PR enough? Be broken up into separate companies? How about a donation/creation to/of a Wifi Education charity?
I don't care too much -- the courts will decide. Hopefully the decision will stay with the courts because entities such as the DOJ tend to get too political in their processes. I'm merely saying this:
1. Google should not have done this
2. Google should have more respect for privacy
3. People defending Google's actions here have no case.
I'm not interested in lobbying for remedial action etc. I just see a ton of people defending a dumb (potentially deliberate - claimed to be accidental) action, with all kinds of dumb logic and dumb analogies - and it irks me, so I commented.
You are the one claiming they 'wanted' to 'violate' people's 'privacy' in this case.
No - I'm merely saying they did snoop people's data (which they did), and that they should not be doing that.
.
You must be trying to intentionally misread what I am saying I guess
No - you said "show me what harm befell them", and I'm telling you that harm isn't necessary to condemn this action.
.
Fine, they were wrong before. I happen to have a little optimism left that they are being as truthful as they can be in this scenario
The only thing thay they have admitted to so far, is the only thing that can be verified externally. I haven't suggested any conspiracy/cover-up etc. -- but I have no reason to trust them in privacy matters anymore.
.
Yes, and you haven't used hyperbole AT ALL either in this discussion, lol. Goose, meet gander....It may be lame, but most excuses are. "Why didn't you take out the trash?" "I was watching TV."....Yes, that is exactly what I am saying. Google was sent here by God to do His work and you shall bow down before them, heathen.....Haha, you are hilarious. Kettle, pot, meet black"
No point in continuing this conversation.
.
Your.Net crash dump example
1) Data in a crash dump isn't a feature.
2) It's orthogonal to the current case -- the users has to take an action to submit a crash dump
3) If there's something wrong there, condemn that too. Don't use it to let other offenders off the hook.
If a lame money-grab class action lawsuit and a bunch of bad PR isn't 'screwing over' I don't know what is.
Why do you keep needing to refer back to the 'money grab lawsuit'? You can oppose a money grab lawsuit and still condemn Google.
.
I am saying that it is understandable, and that it probably wasn't illegal
It is illegal in Germany and UK - and potentially in the US (people are still analysing that). And again -- you're saying it's "understandable" that Google should want to violate people's privacy? Why, do you give them so much slack, and no slack for the tech-phobic users?
.
I am in fact 'clutching at' the law
Show me the part of the wiretapping act that says that harm has to befall a person for wiretapping to be illegal.
.
What you are suggesting is akin to saying 'People shouldn't be allowed to listen to the police band just because we say so'.
No -- you keep trotting out analogies, and they keep failing the logic test. The analogy will only hold when you demonstrate that a novice user with open wifi does not expect privacy.
.
Is it reasonable or unreasonable to not know the difference between two open wifi systems and actually check?
It is unreasonable to not err on the side of caution. i.e. the decision should be "hmm.. we have no way of distinguishing between private open WiFi and public open WiFi -- so we cannot turn on this feature". Even for public WiFi they should not get anyone else's data. They are welcome to use the hotspot. They are not welcome to monitor your data.
.
The very nature of wifi means you are receiving other people's transmissions
Same case with Ethernet in the same collision domain. Is it okay for you to snoop someone else's data in that scenario? Talk sense man!
.
I am not treating tech challenged people with scorn
Every time I mention tech-challenged users, your response starts with "if they are too stupid..."
.
Again, Google has claimed they have not used the stored data
They first claimed they weren't gathering the data at all. Their claims are not worth much.
.
and have been pretty open about the collection
Really? First they denied it. Then they backtracked and offered a lame excuse.
.
If these people are so outraged about Google doing it, then the scary part is the people who really mean them harm
What? So you're saying Google is to be conferred some status as benevolent do-gooder who we can blindly trust?
.
Why aren't you saying 'Microsoft allows users data to be stolen with malware..
I read TFA. It didn't seem to be about MS. Classic strawman.
.
Apparently it is so easy to test and debug every line of code and code review things...
It's freaking hard to design/develop/test/debug/deploy stuff, and maintain it (and maintain the data it generates). Freaking hard. That's why features don't 'accidentally' end up in products. It takes work to get them there.
.
Wanting your data to be private and it actually being private are two different things. You actually have to make an effort to have privacy in communications.
Yet again, you fail to allow for people who don't know what they have to do to make their data private. And by doing so, yet again, you attempt to give goog a free pass to take advantage of people's ignorance.
.
discuss in bar.. credit card transaction.. walked by open window..
When are you going to tire of invalid analogies?
.
it isn't like Google is in some special class of cavalier
The thread is about this issue, so this is the issue I'm discussing. No special treatment.
Trying to 'screw over' google for this particular issue is dumb.
Screwing over google is a stretch. We're at the point where I'm saying "they did a bad thing" and you're saying "no, what they did was acceptable".
.
What harm befell them due to Google's reckless hatred for their wlans
The same harm that befalls anyone that's had their phone tapped w/o a warrant. You're clutching at straws if you have to fall back on "what harm befell them" .
The only harm the lead plaintiffs mentioned in the article are facing is the ridicule of them admitting now how stupid they are not to secure their wireless transmissions.
Why narrow it down only to the lead plaintiffs? Why omit thousands of tech-challenged users? And why treat tech-challenged users with so much scorn? You keep ignoring their scenario again, and again, and calling them stupid etc. Unbelievable!
.
Because the right person wasn't found, or the wrong person thought they knew the answer.
Ever so ready to excuse Goog's incompetance. Not ready to give an inch to tech-phobic users. Extremely unreasonable.
.
I actually worked at DoubleClick for 7 years.... As many times as they (DCLK) were under fire for privacy things, I can tell you it was all a bunch of BS.
You have faith in DCLK/Goog having been an insider. Outsiders do not have that level of trust. They have no reason to have that level of trust. They cannot examine everyone who gets their hands on their private data and decide who is good and who is bad. Your attitude towards end-users is extremely distasteful, and your attitude to privacy and compliance is extremely cavalier, and if your views are in any way representative of Google's employees and then it's fair to say that Goog's apology on this matter was not sincere, they do not understand what they did wrong, they see the issue as a mere PR gaffe, and they won't make any real change in how they operate. If so, that is actually an insightful revelation to me. I welcome any comments you have on this matter (d-click & goog's general thinking on issues like this) -- I didn't realize you were this close to the matter, and I would consider that very informative.
.
This was an internal tool. If you want to froth at the mouth about, I can't stop you, but I think there is a disconnect in the quality level of code you seem to expect.
It's not an internal tool when it's gathering public data and feeding it to servers. It's real production code, with an internal customer. It's not some random command line utility put together in 2 hours. Is google really that cavalier about everything they do? I find this really hard to digest. In a past life, I worked in the IT department of a large brick and mortar bookstore chain that was like well-oiled machinery compared to what you're describing.
In fact, your point about the router companies (which might even be valid) is really distasteful because of the way you excluded Google in that. It's like you're coming up with all kinds of arguments and analogies by which you can point the blame at the end-user, at the equipment maker, at anyone except Google!! You're giving them a free pass my friend. No corporate entity deserves that.
No, it isn't okay to screw people over who *aren't* ignorant.
Err.. what? So it is okay to screw over people who *are* ignorant? How does this tie back to your comment that "ignorance isn't Google's fault". I hope that's not what you're saying, but I don't see how else to interpret that...
.
You can feel free to screw yourself over with ignorance.
These people didn't screw themselves over with their ignorance. They were screwed, by Google, because of their ignorance.
.
There is no evidence of malicious intent
Oh well, I guess it's okay then. Let's ignore that Google has a practical application for all the network traffic data they get (fine-tuning their search algos). Let's ignore that their story doesn't add up (how the hell do hundreds of lines of code get into your product without you knowing about it. Who did the code-review? Who wrote the test cases? If nobody tested it, why didn't anyone get suspicious when the code-coverage numbers didn't add up? When the German govt. asked them the first time, why did they supply the wrong answer (i.e. how deep did that question reach, inside Google and the teams that worked on this). Where are these logs accumulating, and which team inside Google is silently picking up the tab for all that storage, but never asking any questions about this mysterious line-item that's eating their budget? Do they not have *any* privacy checks/compliance audits in their design/test/release processes? Bottom line: either there was malicious intent, or there was staggering incompetance. Either way, the investigation/criticism/public outcry are warranted.
.
and even if it was done deliberately, there is no reason to think that it was illegal to capture these broadcasts, at least in many locales.
"no reason to think it was illegal"?? It may or may not be illegal in all locales, but it is in many. There is reason to think it's illegal in any/all locales, and there is reason to lobby for it to become illegal in locales where it isn't, and there is reason to lobby against companies that do this no matter what the local laws. The reason is simple: to protect people's privacy -- irrespective of their tech-savvyness.
.
Like I said, if you wanted to target someone who actually had a chance to both prevent the ignorance, and protect their customers, then the class action should be targeting Netgear, Linksys, Dlink, etc.
?????????
How on god's green earth do you hold those companies culpable but not Google? I'm not saying I agree with this point -- but let's say I do. Then by your argument they are selling a product with a gaping security flaw, and Google is exploiting that gaping security flaw. But you'll take the router dudes to task, and give the attacker a free pass, as opposed to going after all of them??
If users don't know, don't want to know, and don't want to get someone to help them, it's their own damn fault
If they do not know (about WEP/WAP) then by definition they cannot not want to know, and they cannot not want to get someone to help them. Logic 101. They don't percieve a problem in their wildest dreams. Why will they seek out a solution, for a problem they don't know about???
(I'd figured I wouldn't have to repeat this here, but apparently you didn't read the many other comments disagreeing with you).
Majority opinion is not necessarily correct. Repeating yourself does not make you correct. Your argument fails a logic test.
...silly argument analogy...
You guys just keep harping on about this one silly analogy (I think we should call it the Backyard Nudist analogy -- they all come to the same thing), but keep failing the logic test. I'm tired of shooting down these silly analogies, only for someone to come and try the exact same one with a fractionally differnet scenario. The burden of proof is still on you to prove that non-technical people setting up WiFi connections do not expect privacy. Prove that they do not expect privacy, and your analogy will hold. Until then, it's just a silly analogy.
I'm saying they shouldn't expect privacy, because the technology doesn't provide it.
They don't know this.
.
If you expect privacy, turn on encryption. If you don't understand it, do what I do when I need something I don't understand fixed (like my car's brakes). Pay someone.
If you don't know you have a problem to begin with, why would you approach someone to fix said problem?
So now being ignorant is an excuse for being able to sue people?
No - having your private network traffic snooped without your permission is the 'excuse'. It's okay for Goolge to be magically (and suspiciously) 'ignorant' of what their own code is doing -- but it's not okay for users to be ignorant?
.
Why do people even go to school anymore?
So you expect every single person in the world to know about WAP/WEP/router configuration? You're going to fail the grandma test on that you know.
.
We should all shut down our brains and be idiots for the rest of our lives, so we can accuse the people on the other side of all our failed actions and interactions of "taking advantage of us" and make them PAY.
Maybe you should set a slightly higher bar for Google, instead of setting such a high bar for every single individual that owns a WiFi router, however low-IQ, right-brained, elderly, etc. they might be?
.
There may be an expectation of privacy, but it's an UNREASONABLE one.
Saying it (even with all caps) does not make it so.
She could be an idiot. Or she has a purely administrative job at her tech company, and is actually tech-phobic. Either way - she's not the only one affected by this. You still need to account for novice/tech-phobic/tech-challenged users the world over who are simply ignorant of WAP/WEP etc.
Correct. But that (believe it or not) isn't the point.
OP used some analogy about people naked in their yards. I used a rape analogy. The point behind the analogies isn't to prove that snooping wifi is a crime. It is to prove that *ease of committing said act/crime* is not what makes it *not-a-crime*.
No matter how juicy the invitation? So you're saying that a girl wearing trashy clothes is a juicy invitation to rape?
No.
.
I disagree.
Good. We agree then.
.
Nice try at turning things around though. The point is *whatever is the line at which a person might get tempted* crossing the line (raping) is not ok.
.
An open WAP, however, is an invitation
Stating it does not make it so. How is it an invitation?
.
anyone walking past with a Windows laptop with the wrong box ticked in the network settings will automatically connect and start using the network!
Explain that to a novice user who doesn't understand encryption/WEP/WAP/anything. You keep ignoring this point. You have a burden of proof here. You need to demonstrate that a person with no understanding of tech stuff, *does not expect privacy* when setting up a WiFi router with default (hence unsecured) settings.
.
The comparison to rape is not valid. Pretty much everyone accepts that rape is a crime. Lots of people don't accept that what Google did was a crime.
A little circular, no? The analogy can't fail based on your acceptance/denial of WiFi snooping as a crime! You have to fail the analogy on some other ground (whatever it might be), which will then help you illustrate that snooping open WiFi is not a crime.
.
Further, rape pretty much implies intent. Google has a very plausible explanation showing they didn't intend to do it.
Google has intent and motivation -- they get data that they can mine to fine-tune their algorithms. Their explaination is so far away from plausible it isn't even funny. They *accidentaly* left in a few hundred lines of code that connect to open WiFi networks and log data? ACCIDENTALLY?? Nobody spotted this in a code review? Nobody noticed the logs sitting there consuming diskspace (there's a cost to storing PBs of logs -- some team within google would be picking up the tab for it)? The first time the German govt. asked them about it, everyone involved with the project forgot about this code, or they never really bothered to ask the people that acutally worked on the project, and accidentally said they were not gathering this data?
If you believe that BS, I have a small island I want to sell you..
In fact, your argument reminds me of the line of thought where (some) people say stuff like "she was asking to get raped -- did you see what she was wearing?"
No matter how juicy the invitation -- a crime is a crime.
It's no different to standing on your front lawn naked for everyone to see, and then being upset when the streetview van snaps you naked.
But there are huge holes in that analogy.
Standing naked in your yard is something you would not unintentionally / unknowingly do. Tech-challenged users might not know anything about WEP/WAP/etc. and might not even in their wildest dreams have thought that everyone can access their WiFi willy-nilly. It's not the same thing. People absolutely do setup have an expectation of privacy when they setup their routers -- even if they have never actually thought about it. Especially if they have never thought about it -- it's basically expected of a user who knows nothing computer related. Google shouldn't be taking advantage of their ignorance.
the Windows 3/2.x Presentation Manager interface that MS kept pushing was pathetic
Presentation Manager was driven by IBM with some paradigms carried over from their other platforms Reference. And another reference. So you're claiming MS designed (or 'kept pushing') Presentation Manager and Windows 3.x simultaneously, but chose a different co-ordinate system altogether?
First you said this: "OS/2 2.0 written by IBM and... oh... just IBM... "
Now you're saying this: "Microsoft and IBM worked jointly on OS/2 1.x"
So excuse me a minute while I question your credibility.
.
Next, you're claiming this: IBM rewrote massive (ie: most) portions of OS/2 without Microsoft's work or input for OS/2 version 2.0 and onwards.
The massive re-write was version 3.0 I'm afraid. And it was done my Microsoft. And it ended up being called Windows NT. Reference. IBM needed to rewrite as well: but not to remove MS code. It was because of their initial bad decision to target the 286 - and the need to modernize for the 386 (protected mode, pre-emptive multitasking, etc.)
.
Switching topics for a second: why do you think companies fund research in universities? For shits and giggles?
No, I dont. But that doesnt mean the company innovated.. *explaination omitted*
They have a research department, and a research budget, and areas they target for research. They funded some good research, and brought it to frution as a product. Your definition of innovation seems to simply exclude any and everything done by Microsoft. To each their own. Peace to you brother.
.
Those innovations though, simply do not include the ones listed by the OP.
So your purpose is just to pedantically keep rubbing his nose in it (with dubious facts and logic, if I may add)?
No, YOU are ignorant of history, OS/2 2.0 written by IBM and... oh... just IBM... it was in beta in 1990, already had SOM/DSOM. COM came out in 1993. Microsoft, who had a cross license agreement to the SOM/DSOM (and other OS/2) technology
I guess you'll just say anything you can to make your point -- truth be damned.
The key to security isn't simply a native client implementation
A native client implementation implies native code execution: not insecure by default, but one step closer to insecure, compared to anything executing in some runtime environment.
but also an exceptionally secure OS to accompany it.
That would be an assumption, and a slightly premature one.
You're seeing an overly rosy picture of it. The implementation is not architecture agnostic, so you need to build for multiple targets. Apps have virtually no frameworks they can take advantage of -- you need to serve up the entire app each time. Apps will have a finite size, so instant-on can't be guaranteed (especially as app complexity/size increases). Caching apps for speed will become necessary, which means you have to have a way of checking for staleness / updates. All app developers might not be okay with using a google sign-on as your single point of auth. Enterprises especially will not be okay with this.
I don't know why you conclude that you'll never have to worry about security, viruses, or malware either. I do understand that the native client is a sandbox, but you shouldn't read the word "sandbox" and automatically assume that nothing can go wrong. There will be a need for interprocess communication, there could always be flaws in the sandbox (especially considering you have differnet implementations for different architectures), there will be holes in the apps themselves (so even if your system isn't getting compromised, your data could be, and a cached app could be in a persisted bad state for a length of time).
Seems kinda backward. Take all this trouble to convince people that the web is where it's at, and then engineer in some complex native client to work around the shortcomings of the web as an app platform. Not to mention that the native client is not architecture neutral.
This move has security implications as well. And if the majority (or all) of your apps are online, there will be more apps that have some native client code than the typical number of active-x controls you would install (so higher exposure to possible security issues).
Not saying it's a bad idea, or inherently insecure or anything. Just that this is hardly a reason to trumpet Chrome OS -- rather, the fact that Google is doing this, is proof positive that they too are not 100% convinced about their approach of moving all apps to the web.
Slashdot Mirror
What is the outcome that you think is just? Should executives go to jail? Should an independent commission be established by the UN to investigate? Should Google pay every man woman and child in 28 countries that might have been 'violated', some amount of money? Does Google need to cease to exist because of this? Is bad PR enough? Be broken up into separate companies? How about a donation/creation to/of a Wifi Education charity?
I don't care too much -- the courts will decide. Hopefully the decision will stay with the courts because entities such as the DOJ tend to get too political in their processes. I'm merely saying this:
1. Google should not have done this
2. Google should have more respect for privacy
3. People defending Google's actions here have no case.
I'm not interested in lobbying for remedial action etc. I just see a ton of people defending a dumb (potentially deliberate - claimed to be accidental) action, with all kinds of dumb logic and dumb analogies - and it irks me, so I commented.
You are the one claiming they 'wanted' to 'violate' people's 'privacy' in this case.
No - I'm merely saying they did snoop people's data (which they did), and that they should not be doing that.
.
You must be trying to intentionally misread what I am saying I guess
No - you said "show me what harm befell them", and I'm telling you that harm isn't necessary to condemn this action.
.
Fine, they were wrong before. I happen to have a little optimism left that they are being as truthful as they can be in this scenario
The only thing thay they have admitted to so far, is the only thing that can be verified externally. I haven't suggested any conspiracy/cover-up etc. -- but I have no reason to trust them in privacy matters anymore.
.
Yes, and you haven't used hyperbole AT ALL either in this discussion, lol. Goose, meet gander....It may be lame, but most excuses are. "Why didn't you take out the trash?" "I was watching TV."....Yes, that is exactly what I am saying. Google was sent here by God to do His work and you shall bow down before them, heathen.....Haha, you are hilarious. Kettle, pot, meet black"
No point in continuing this conversation.
.
Your .Net crash dump example
1) Data in a crash dump isn't a feature.
2) It's orthogonal to the current case -- the users has to take an action to submit a crash dump
3) If there's something wrong there, condemn that too. Don't use it to let other offenders off the hook.
Screwing over google is a stretch.
If a lame money-grab class action lawsuit and a bunch of bad PR isn't 'screwing over' I don't know what is.
Why do you keep needing to refer back to the 'money grab lawsuit'? You can oppose a money grab lawsuit and still condemn Google.
.
I am saying that it is understandable, and that it probably wasn't illegal
It is illegal in Germany and UK - and potentially in the US (people are still analysing that). And again -- you're saying it's "understandable" that Google should want to violate people's privacy? Why, do you give them so much slack, and no slack for the tech-phobic users?
.
I am in fact 'clutching at' the law
Show me the part of the wiretapping act that says that harm has to befall a person for wiretapping to be illegal.
.
What you are suggesting is akin to saying 'People shouldn't be allowed to listen to the police band just because we say so'.
No -- you keep trotting out analogies, and they keep failing the logic test. The analogy will only hold when you demonstrate that a novice user with open wifi does not expect privacy.
.
Is it reasonable or unreasonable to not know the difference between two open wifi systems and actually check?
It is unreasonable to not err on the side of caution. i.e. the decision should be "hmm.. we have no way of distinguishing between private open WiFi and public open WiFi -- so we cannot turn on this feature". Even for public WiFi they should not get anyone else's data. They are welcome to use the hotspot. They are not welcome to monitor your data.
.
The very nature of wifi means you are receiving other people's transmissions
Same case with Ethernet in the same collision domain. Is it okay for you to snoop someone else's data in that scenario? Talk sense man!
.
I am not treating tech challenged people with scorn
Every time I mention tech-challenged users, your response starts with "if they are too stupid..."
.
Again, Google has claimed they have not used the stored data
They first claimed they weren't gathering the data at all. Their claims are not worth much.
.
and have been pretty open about the collection
Really? First they denied it. Then they backtracked and offered a lame excuse.
.
If these people are so outraged about Google doing it, then the scary part is the people who really mean them harm
What? So you're saying Google is to be conferred some status as benevolent do-gooder who we can blindly trust?
.
Why aren't you saying 'Microsoft allows users data to be stolen with malware..
I read TFA. It didn't seem to be about MS. Classic strawman.
.
Apparently it is so easy to test and debug every line of code and code review things...
It's freaking hard to design/develop/test/debug/deploy stuff, and maintain it (and maintain the data it generates). Freaking hard. That's why features don't 'accidentally' end up in products. It takes work to get them there.
.
Wanting your data to be private and it actually being private are two different things. You actually have to make an effort to have privacy in communications.
Yet again, you fail to allow for people who don't know what they have to do to make their data private. And by doing so, yet again, you attempt to give goog a free pass to take advantage of people's ignorance.
.
discuss in bar.. credit card transaction.. walked by open window..
When are you going to tire of invalid analogies?
.
it isn't like Google is in some special class of cavalier
The thread is about this issue, so this is the issue I'm discussing. No special treatment.
Trying to 'screw over' google for this particular issue is dumb.
Screwing over google is a stretch. We're at the point where I'm saying "they did a bad thing" and you're saying "no, what they did was acceptable".
.
What harm befell them due to Google's reckless hatred for their wlans
The same harm that befalls anyone that's had their phone tapped w/o a warrant. You're clutching at straws if you have to fall back on "what harm befell them"
.
The only harm the lead plaintiffs mentioned in the article are facing is the ridicule of them admitting now how stupid they are not to secure their wireless transmissions.
Why narrow it down only to the lead plaintiffs? Why omit thousands of tech-challenged users? And why treat tech-challenged users with so much scorn? You keep ignoring their scenario again, and again, and calling them stupid etc. Unbelievable!
.
Because the right person wasn't found, or the wrong person thought they knew the answer.
Ever so ready to excuse Goog's incompetance. Not ready to give an inch to tech-phobic users. Extremely unreasonable.
.
I actually worked at DoubleClick for 7 years .... As many times as they (DCLK) were under fire for privacy things, I can tell you it was all a bunch of BS.
You have faith in DCLK/Goog having been an insider. Outsiders do not have that level of trust. They have no reason to have that level of trust. They cannot examine everyone who gets their hands on their private data and decide who is good and who is bad. Your attitude towards end-users is extremely distasteful, and your attitude to privacy and compliance is extremely cavalier, and if your views are in any way representative of Google's employees and then it's fair to say that Goog's apology on this matter was not sincere, they do not understand what they did wrong, they see the issue as a mere PR gaffe, and they won't make any real change in how they operate. If so, that is actually an insightful revelation to me. I welcome any comments you have on this matter (d-click & goog's general thinking on issues like this) -- I didn't realize you were this close to the matter, and I would consider that very informative.
.
This was an internal tool. If you want to froth at the mouth about, I can't stop you, but I think there is a disconnect in the quality level of code you seem to expect.
It's not an internal tool when it's gathering public data and feeding it to servers. It's real production code, with an internal customer. It's not some random command line utility put together in 2 hours. Is google really that cavalier about everything they do? I find this really hard to digest. In a past life, I worked in the IT department of a large brick and mortar bookstore chain that was like well-oiled machinery compared to what you're describing.
In fact, your point about the router companies (which might even be valid) is really distasteful because of the way you excluded Google in that. It's like you're coming up with all kinds of arguments and analogies by which you can point the blame at the end-user, at the equipment maker, at anyone except Google!! You're giving them a free pass my friend. No corporate entity deserves that.
No, it isn't okay to screw people over who *aren't* ignorant.
Err.. what? So it is okay to screw over people who *are* ignorant? How does this tie back to your comment that "ignorance isn't Google's fault". I hope that's not what you're saying, but I don't see how else to interpret that...
.
You can feel free to screw yourself over with ignorance.
These people didn't screw themselves over with their ignorance. They were screwed, by Google, because of their ignorance.
.
There is no evidence of malicious intent
Oh well, I guess it's okay then. Let's ignore that Google has a practical application for all the network traffic data they get (fine-tuning their search algos). Let's ignore that their story doesn't add up (how the hell do hundreds of lines of code get into your product without you knowing about it. Who did the code-review? Who wrote the test cases? If nobody tested it, why didn't anyone get suspicious when the code-coverage numbers didn't add up? When the German govt. asked them the first time, why did they supply the wrong answer (i.e. how deep did that question reach, inside Google and the teams that worked on this). Where are these logs accumulating, and which team inside Google is silently picking up the tab for all that storage, but never asking any questions about this mysterious line-item that's eating their budget? Do they not have *any* privacy checks/compliance audits in their design/test/release processes? Bottom line: either there was malicious intent, or there was staggering incompetance. Either way, the investigation/criticism/public outcry are warranted.
.
and even if it was done deliberately, there is no reason to think that it was illegal to capture these broadcasts, at least in many locales.
"no reason to think it was illegal"?? It may or may not be illegal in all locales, but it is in many. There is reason to think it's illegal in any/all locales, and there is reason to lobby for it to become illegal in locales where it isn't, and there is reason to lobby against companies that do this no matter what the local laws. The reason is simple: to protect people's privacy -- irrespective of their tech-savvyness.
.
Like I said, if you wanted to target someone who actually had a chance to both prevent the ignorance, and protect their customers, then the class action should be targeting Netgear, Linksys, Dlink, etc.
?????????
How on god's green earth do you hold those companies culpable but not Google? I'm not saying I agree with this point -- but let's say I do. Then by your argument they are selling a product with a gaping security flaw, and Google is exploiting that gaping security flaw. But you'll take the router dudes to task, and give the attacker a free pass, as opposed to going after all of them??
If users don't know, don't want to know, and don't want to get someone to help them, it's their own damn fault
If they do not know (about WEP/WAP) then by definition they cannot not want to know, and they cannot not want to get someone to help them. Logic 101. They don't percieve a problem in their wildest dreams. Why will they seek out a solution, for a problem they don't know about???
(I'd figured I wouldn't have to repeat this here, but apparently you didn't read the many other comments disagreeing with you).
Majority opinion is not necessarily correct. Repeating yourself does not make you correct. Your argument fails a logic test.
...silly argument analogy...
You guys just keep harping on about this one silly analogy (I think we should call it the Backyard Nudist analogy -- they all come to the same thing), but keep failing the logic test. I'm tired of shooting down these silly analogies, only for someone to come and try the exact same one with a fractionally differnet scenario. The burden of proof is still on you to prove that non-technical people setting up WiFi connections do not expect privacy. Prove that they do not expect privacy, and your analogy will hold. Until then, it's just a silly analogy.
I'm saying they shouldn't expect privacy, because the technology doesn't provide it.
They don't know this.
.
If you expect privacy, turn on encryption. If you don't understand it, do what I do when I need something I don't understand fixed (like my car's brakes). Pay someone.
If you don't know you have a problem to begin with, why would you approach someone to fix said problem?
So now being ignorant is an excuse for being able to sue people?
No - having your private network traffic snooped without your permission is the 'excuse'. It's okay for Goolge to be magically (and suspiciously) 'ignorant' of what their own code is doing -- but it's not okay for users to be ignorant?
.
Why do people even go to school anymore?
So you expect every single person in the world to know about WAP/WEP/router configuration? You're going to fail the grandma test on that you know.
.
We should all shut down our brains and be idiots for the rest of our lives, so we can accuse the people on the other side of all our failed actions and interactions of "taking advantage of us" and make them PAY.
Maybe you should set a slightly higher bar for Google, instead of setting such a high bar for every single individual that owns a WiFi router, however low-IQ, right-brained, elderly, etc. they might be?
.
There may be an expectation of privacy, but it's an UNREASONABLE one.
Saying it (even with all caps) does not make it so.
Ignorance isn't Google's fault.
And that's your justification? It's okay to screw over people who are ignorant?
She could be an idiot. Or she has a purely administrative job at her tech company, and is actually tech-phobic. Either way - she's not the only one affected by this. You still need to account for novice/tech-phobic/tech-challenged users the world over who are simply ignorant of WAP/WEP etc.
Correct. But that (believe it or not) isn't the point.
OP used some analogy about people naked in their yards. I used a rape analogy. The point behind the analogies isn't to prove that snooping wifi is a crime. It is to prove that *ease of committing said act/crime* is not what makes it *not-a-crime*.
No matter how juicy the invitation? So you're saying that a girl wearing trashy clothes is a juicy invitation to rape?
No.
.
I disagree.
Good. We agree then.
.
Nice try at turning things around though. The point is *whatever is the line at which a person might get tempted* crossing the line (raping) is not ok.
.
An open WAP, however, is an invitation
Stating it does not make it so. How is it an invitation?
.
anyone walking past with a Windows laptop with the wrong box ticked in the network settings will automatically connect and start using the network!
Explain that to a novice user who doesn't understand encryption/WEP/WAP/anything. You keep ignoring this point. You have a burden of proof here. You need to demonstrate that a person with no understanding of tech stuff, *does not expect privacy* when setting up a WiFi router with default (hence unsecured) settings.
.
The comparison to rape is not valid. Pretty much everyone accepts that rape is a crime. Lots of people don't accept that what Google did was a crime.
A little circular, no? The analogy can't fail based on your acceptance/denial of WiFi snooping as a crime! You have to fail the analogy on some other ground (whatever it might be), which will then help you illustrate that snooping open WiFi is not a crime.
.
Further, rape pretty much implies intent. Google has a very plausible explanation showing they didn't intend to do it.
Google has intent and motivation -- they get data that they can mine to fine-tune their algorithms. Their explaination is so far away from plausible it isn't even funny. They *accidentaly* left in a few hundred lines of code that connect to open WiFi networks and log data? ACCIDENTALLY?? Nobody spotted this in a code review? Nobody noticed the logs sitting there consuming diskspace (there's a cost to storing PBs of logs -- some team within google would be picking up the tab for it)? The first time the German govt. asked them about it, everyone involved with the project forgot about this code, or they never really bothered to ask the people that acutally worked on the project, and accidentally said they were not gathering this data?
If you believe that BS, I have a small island I want to sell you..
In fact, your argument reminds me of the line of thought where (some) people say stuff like "she was asking to get raped -- did you see what she was wearing?"
No matter how juicy the invitation -- a crime is a crime.
It's no different to standing on your front lawn naked for everyone to see, and then being upset when the streetview van snaps you naked.
But there are huge holes in that analogy.
Standing naked in your yard is something you would not unintentionally / unknowingly do. Tech-challenged users might not know anything about WEP/WAP/etc. and might not even in their wildest dreams have thought that everyone can access their WiFi willy-nilly. It's not the same thing. People absolutely do setup have an expectation of privacy when they setup their routers -- even if they have never actually thought about it. Especially if they have never thought about it -- it's basically expected of a user who knows nothing computer related. Google shouldn't be taking advantage of their ignorance.
Keep pulling references - as many as you want... but I have actually programmed for PM and WPS and SOM
Paraphrased: keep providing evidence, as much as you want, but I reserve the right to keep ignoring it and twisting stuff.
the Windows 3/2.x Presentation Manager interface that MS kept pushing was pathetic
Presentation Manager was driven by IBM with some paradigms carried over from their other platforms Reference. And another reference. So you're claiming MS designed (or 'kept pushing') Presentation Manager and Windows 3.x simultaneously, but chose a different co-ordinate system altogether?
First you said this: "OS/2 2.0 written by IBM and... oh... just IBM... "
Now you're saying this: "Microsoft and IBM worked jointly on OS/2 1.x"
So excuse me a minute while I question your credibility.
.
Next, you're claiming this: IBM rewrote massive (ie: most) portions of OS/2 without Microsoft's work or input for OS/2 version 2.0 and onwards.
The massive re-write was version 3.0 I'm afraid. And it was done my Microsoft. And it ended up being called Windows NT. Reference. IBM needed to rewrite as well: but not to remove MS code. It was because of their initial bad decision to target the 286 - and the need to modernize for the 386 (protected mode, pre-emptive multitasking, etc.)
.
Switching topics for a second: why do you think companies fund research in universities? For shits and giggles?
No, I dont. But that doesnt mean the company innovated.. *explaination omitted*
They have a research department, and a research budget, and areas they target for research. They funded some good research, and brought it to frution as a product. Your definition of innovation seems to simply exclude any and everything done by Microsoft. To each their own. Peace to you brother.
.
Those innovations though, simply do not include the ones listed by the OP.
So your purpose is just to pedantically keep rubbing his nose in it (with dubious facts and logic, if I may add)?
http://pages.prodigy.net/michaln/history/pr/87apr_m3592.html
Switching topics for a second: why do you think companies fund research in universities? For shits and giggles?
No, YOU are ignorant of history, OS/2 2.0 written by IBM and... oh... just IBM... it was in beta in 1990, already had SOM/DSOM. COM came out in 1993. Microsoft, who had a cross license agreement to the SOM/DSOM (and other OS/2) technology
I guess you'll just say anything you can to make your point -- truth be damned.
No, but it validates Chrome OS being the most secure means to launch a browser, and a browser alone.
How do you figure? I don't see the connection.
The key to security isn't simply a native client implementation
A native client implementation implies native code execution: not insecure by default, but one step closer to insecure, compared to anything executing in some runtime environment.
but also an exceptionally secure OS to accompany it.
That would be an assumption, and a slightly premature one.
You're seeing an overly rosy picture of it. The implementation is not architecture agnostic, so you need to build for multiple targets. Apps have virtually no frameworks they can take advantage of -- you need to serve up the entire app each time. Apps will have a finite size, so instant-on can't be guaranteed (especially as app complexity/size increases). Caching apps for speed will become necessary, which means you have to have a way of checking for staleness / updates. All app developers might not be okay with using a google sign-on as your single point of auth. Enterprises especially will not be okay with this.
I don't know why you conclude that you'll never have to worry about security, viruses, or malware either. I do understand that the native client is a sandbox, but you shouldn't read the word "sandbox" and automatically assume that nothing can go wrong. There will be a need for interprocess communication, there could always be flaws in the sandbox (especially considering you have differnet implementations for different architectures), there will be holes in the apps themselves (so even if your system isn't getting compromised, your data could be, and a cached app could be in a persisted bad state for a length of time).
Seems kinda backward. Take all this trouble to convince people that the web is where it's at, and then engineer in some complex native client to work around the shortcomings of the web as an app platform. Not to mention that the native client is not architecture neutral.
This move has security implications as well. And if the majority (or all) of your apps are online, there will be more apps that have some native client code than the typical number of active-x controls you would install (so higher exposure to possible security issues).
Not saying it's a bad idea, or inherently insecure or anything. Just that this is hardly a reason to trumpet Chrome OS -- rather, the fact that Google is doing this, is proof positive that they too are not 100% convinced about their approach of moving all apps to the web.
Which doesn't preclude them from getting fucked over some more.