Month: September 2013

Posted in Legal Troubles

Google “Street View” car causes collision in Indonesia

Posted on by Silicon Valley Sleuthhound

Oops… big oops…

A Google Street View car hit two public transport buses and a truck in the city of Bogor, Indonesia.

Police said the car driver hit the first bus, appeared to “panic” when the bus driver responded angrily, and tried to drive off.

But in doing so the vehicle hit a second bus and then the truck, according to local media reports.

It is unclear whether anybody was hurt at the scene. Google has confirmed that an incident has taken place.

“We take incidents like this very seriously. We’re working closely with local authorities to address the situation,” Vishnu Mahmud, head of communications for Google in Indonesia, told news agency AFP.

Uh huh.

This car was apparently being driven by a human being, as opposed to being piloted by a computer, so it appears human error is to blame. Of course, humans write software, so self-driving cars are capable of crashing too… when and if that happens, it’s going to be really embarrassing for the Monster of Mountain View.

Posted in War on Privacy

Google’s Schmidt unconcerned about unchecked government surveillance of everybody, everywhere

Posted on by Silicon Valley Sleuthhound

Maybe it’s because his own company has aspirations to be a privately owned version of the NSA:

If you thought that Google chief Eric Schmidt would take a more strident tone when discussing the National Security Agency spying scandal, think again.

“There’s been spying for years — there’s been surveillance for years, and so forth. I’m not going to pass judgment on that. It’s the nature of our society,” he told New America Foundation President Anne-Marie Slaughter at a public event in New York.

But Schmidt’s biggest concern about the spying wasn’t that the privacy of individuals had been violated, or that companies like Google were being forced to give the government access to their customers’ data, the Guardian reported.

It’s the nature of our society!?

No, it’s not! The United States has this thing called the FOURTH AMENDMENT, which is a part of the Bill of Rights, the first set of amendments to the Constitution of the United States.

The Fourth Amendment states:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

The NSA, as a government agency, is unquestionably violating the Fourth Amendment rights of pretty much every American with its unchecked, unrestrained spying.

Companies like Google have been complicit in the NSA’s surveillance regime by giving them access to user data. Because Google is so huge and has so many offerings, its datacenters contain a veritable gold mine of user data of enormous proportions. Those who use all of Google’s offerings are especially valuable, because Google knows so much about them. Google can offer the NSA one-stop shopping… and that makes Google very valuable to the federal government.

Years ago, Google fanboys would have dismissed the above as paranoia or conspiracy theories. They can’t do that anymore. Not in the wake of Edward Snowden’s revelations and not in the wake of Eric Schmidt’s continuing series of revealing comments.

Posted in Shoddy Security, War on Privacy

How fitting: The NSA has been *pretending to be Google* in order to covertly capture user data

Posted on by Silicon Valley Sleuthhound

There’s no low the NSA won’t stoop to in order to snoop:

[I]n some cases GCHQ and the NSA appear to have taken a more aggressive and controversial route—on at least one occasion bypassing the need to approach Google directly by performing a man-in-the-middle attack to impersonate Google security certificates. One document published by Fantastico, apparently taken from an NSA presentation that also contains some GCHQ slides, describes “how the attack was done” to apparently snoop on SSL traffic. The document illustrates with a diagram how one of the agencies appears to have hacked into a target’s Internet router and covertly redirected targeted Google traffic using a fake security certificate so it could intercept the information in unencrypted format.

Documents from GCHQ’s “network exploitation” unit show that it operates a program called “FLYING PIG” that was started up in response to an increasing use of SSL encryption by email providers like Yahoo, Google, and Hotmail. The FLYING PIG system appears to allow it to identify information related to use of the anonymity browser Tor (it has the option to query “Tor events”) and also allows spies to collect information about specific SSL encryption certificates.

GCHQ, for those who don’t know, is the British equivalent of the NSA.

So much for Google’s security measures. Forced SSL may deter petty man-in-the-middle attacks from amateur hackers, but it doesn’t shield anyone from the likes of the NSA.

This isn’t to say that SSL is useless and shouldn’t be used. HTTPS is better than HTTP. But if Google was serious about security and protecting its users, it would make Gmail like Hushmail, offering the ability to encrypt entire user accounts and encrypt messages. There are enough Gmail users that offering encryption by default would have an immediate and huge effect on email security.

But, of course, if Google were to offer such encryption, it would no longer be able to read its users’ emails and place targeted ads within Gmail. Messages would be scrambled and unreadable by Google’s algorithms. So Google is never going to do what Hushmail does. It would interfere with their ability to offer “free” Gmail.