Skip to content

Recent Articles

8
Oct

Google concealed a “software glitch” in Google+ that exposed data of half a million people

Irresponsibility is their policy:

Google exposed the private data of hundreds of thousands of users of the Google+ social network and then opted not to disclose the issue this past spring, in part because of fears that doing so would draw regulatory scrutiny and cause reputational damage, according to people briefed on the incident and documents reviewed by The Wall Street Journal.

As part of its response to the incident, the Alphabet Inc. unit plans to announce a sweeping set of data privacy measures that include permanently shutting down all consumer functionality of Google+, the people said. The move effectively puts the final nail in the coffin of a product that was launched in 2011 to challenge Facebook Inc. and is widely seen as one of Google’s biggest failures.

A software glitch in the social site gave outside developers potential access to private Google+ profile data between 2015 and March 2018, when internal investigators discovered and fixed the issue, according to the documents and people briefed on the incident. A memo reviewed by the Journal prepared by Google’s legal and policy staff and shared with senior executives warned that disclosing the incident would likely trigger “immediate regulatory interest” and invite comparisons to Facebook’s leak of user information to data firm Cambridge Analytica.

This revelation raises the question: what other dirty laundry is the Monster of Mountain View hiding?

Google executives have clearly relished watching Facebook take incoming fire in the press on a near constant basis this year. It’s no wonder they didn’t want to come clean about their own failings. But if they truly lived by their internal motto of “don’t be evil”, then they would have disclosed this glitch in the interest of transparency. How they expected to keep it a secret indefinitely is anyone’s guess.

It’s good that Google+ is shutting down. But the company must not be allowed to wash its hands of this incident and walk away. There should be consequences.

The European Union and the United States government should launch immediate investigations into this matter and find out what other secrets Google may be keeping from its users and stockholders.

 

5
Oct

Slate writer: “I used to trust some of [Google’s] products, like Chrome. I increasingly don’t.”

People like Matthew Green are waking up to reality.

A couple of weeks ago, I noticed something strange was happening to my Google Chrome web browser. Where Chrome had always allowed me to browse the internet as an anonymous user, suddenly my browser had signed itself into my Google account.

A bit of investigation (and a visit to a nerd forum) pointed me to the cause: Chrome had logged itself in after I visited my Gmail account.

The change in Chrome’s behavior, it turns out, was not a bug. It’s part of a new technical “feature” in the browser called “identity consistency between browser and cookie jar.” Despite the gritty technical name of the feature, it represents a truly fundamental change in the way Chrome works.

For the first 10 years of Chrome’s existence, Chrome was simply a typical web browser. You had the option to sign the browser into Google—and thus take advantage of Google’s many data-sharing and cloud-synchronization options—but you never had to.

In the stroke of an update, the sign-in became mandatory: If you happened to visit a Google property, the browser would attach itself to your Google account.

To Google’s credit, it recognizes the privacy implications of this change, and simply signing the browser into Google does not immediately send your data to Google’s servers. But it brings users within an accidental click of sharing their bookmarks and browsing history with Google.

It is truly a tragedy that so many people use Google Chrome when there are better, privacy-respecting browsers available, like Mozilla Firefox. Mozilla now even makes a special mobile version of Firefox that cleans up after itself called Firefox Focus. Google will never, ever make a tool like that, because it is anathema to Google’s objective of collecting as much data about everyone as possible to monetize all of us for advertising purposes.

It was inevitable that Google would change Chrome to make it easier for it to spy on its users. We’ve been warning of this for years. Unfortunately, many people haven’t listened.

3
Oct

BlackBerry alum Jim Balsillie sounds the alarm over Google parent’s ominous plans for Toronto

And the authorities in Toronto, Ontario, Canada should heed his words.

A unit of Google’s parent company Alphabet is proposing to turn a rundown part of Toronto’s waterfront into what may be the most wired community in history — to “fundamentally refine what urban life can be.”

Sidewalk Labs has partnered with a government agency known as Waterfront Toronto with plans to erect mid-rise apartments, offices, shops and a school on a 12-acre (4.9-hectare) site — a first step toward what it hopes will eventually be a 800-acre (325-hectare) development.

High-level interest is clear: Prime Minister Justin Trudeau and Alphabet’s then-Executive Chairman Eric Schmidt appeared together to announce the plan last October.

But some Canadians are rethinking the privacy implications of giving one of the most data-hungry companies on the planet the means to wire up everything from street lights to pavement. And some want the public to get a cut of the revenue from products developed using Canada’s largest city as an urban laboratory.

“The Waterfront Toronto executives and board are too dumb to realize they are getting played,” said former BlackBerry chief executive Jim Balsillie, a smartphone pioneer considered a national hero who also said the federal government is pushing the board to approve it.

“Google knew what they wanted. And the politicians wanted a PR splash and the Waterfront board didn’t know what they are doing. And the citizens of Toronto and Canada are going to pay the price,” Balsillie said.

Emphasis is ours.

“Smart” homes, “smart” cars, now “smart” neighborhoods… it was only a matter of time. Adding data collection functionality to buildings, appliances, and even entire communities is not smart, it’s reckless and a recipe for trouble. Imagine the ability to gain control over an entire neighborhood by compromising the software that runs it.

There is nothing “smart” about these technologies.

Three cheers for Jim Balsillie. It’s nice to see such bluntness from a person of his stature.

This project should not proceed. Toronto would be wise to pull the plug and say thanks, but no thanks, to this scheme to exploit the common good for the benefit of Alphabet/Google’s unceasing, unending war on privacy.

30
Aug

Google and Mastercard Cut a Secret Ad Deal to Track Retail Sales

Big Brother Is Watching You:

For the past year, select Google advertisers have had access to a potent new tool to track whether the ads they ran online led to a sale at a physical store in the U.S. That insight came thanks in part to a stockpile of Mastercard transactions that Google paid for.

But most of the two billion Mastercard holders aren’t aware of this behind-the-scenes tracking. That’s because the companies never told the public about the arrangement.

Alphabet Inc.’s Google and Mastercard Inc. brokered a business partnership during about four years of negotiations, according to four people with knowledge of the deal, three of whom worked on it directly. The alliance gave Google an unprecedented asset for measuring retail spending, part of the search giant’s strategy to fortify its primary business against onslaughts from Amazon.com Inc. and others.

Remember, Google has made it their business to attempt to learn everything… EVERYTHING…. about you. The company’s aim is to eradicate the whole idea of user privacy, one blow at a time. They’ll do whatever it takes to get their hands on our data, whether convincing us to give it to them, buying it, or secretly capturing it without our knowledge.

16
Aug

Google employees protest secret work on censored search engine for China

Some of the people working for the Monster of Mountain View still have a conscience, even if their bosses don’t. Via The New York Times:

Hundreds of Google employees, upset at the company’s decision to secretly build a censored version of its search engine for China, have signed a letter demanding more transparency to understand the ethical consequences of their work.

In the letter, which was obtained by The New York Times, employees wrote that the project and Google’s apparent willingness to abide by China’s censorship requirements “raise urgent moral and ethical issues.” They added, “Currently we do not have the information required to make ethically-informed decisions about our work, our projects, and our employment.”

The letter is circulating on Google’s internal communication systems and is signed by about 1,400 employees, according to three people familiar with the document, who were not authorized to speak publicly.

Props to these brave souls for speaking up and letting management know they’re not comfortable doing secret work on a project that could result in Google collaborating with Xi’s authoritarian regime.

13
Aug

Google records your location even when you tell it not to

An important catch from The Associated Press, via The Guardian:

Google wants to know where you go so badly that it records your movements even when you explicitly tell it not to.

An Associated Press investigation found that many Google services on Android devices and iPhones store your location data even if you’ve used a privacy setting that says it will prevent Google from doing so.

Computer science researchers at Princeton confirmed these findings at the AP’s request.

The article goes on to say:

Storing your minute-by-minute travels carries privacy risks and has been used by police to determine the location of suspects. So the company will let you “pause” a setting called “location history”.

Google says that will prevent the company from remembering where you’ve been. Google’s support page on the subject states: “You can turn off Location History at any time. With Location History off, the places you go are no longer stored.”

That isn’t true. Even with “location history” paused, some Google apps automatically store time-stamped location data without asking.

For nearly ten years, this site has been chronicling Google’s war on user privacy, so this is hardly a surprising development. Nevertheless, it shows the need for regulation. Google is never going to reform its ways of its own accord. Its entire business model is based on destroying privacy. And it will go on doing so while feigning to care about its users until governments compel it to change its business practices.

21
Jul

“Google’s iron grip on Android: Controlling open source by any means necessary” gets reposted by Ars Technica

Props to Ars:

In light of the $5 billion EU antitrust ruling against Google this week, we started noticing a certain classic Ars story circulating around social media. Google’s methods of controlling the open source Android code and discouraging Android forks is exactly the kind of behavior the EU has a problem with, and many of the techniques outlined in this 2013 article are still in use today.

The idea of a sequel to this piece has come up a few times, but Google’s Android strategy of an open source base paired with key proprietary apps and services hasn’t really changed in the last five or so years. There have been updates to Google’s proprietary apps so that they look different from the screenshots in this article, but the base strategy outlined here is still very relevant. So in light of the latest EU development, we’re resurfacing this story for the weekend. It first ran on October 20, 2013 and appears largely unchanged — but we did toss in a few “In 2018” updates anywhere they felt particularly relevant.

This is a great read that demonstrates what a menacing monopoly Google is. Android, at least in the form it ships in to most people, is not a “free”, “libre”, or “open source” operating system. It is a mostly proprietary OS with some open source components. That ultimately makes it no different and no better than other proprietary mobile platforms that also utilize some free software for certain components like their web browsers.

18
Jul

EU authorities hit Google with megafine, showing they’re serious about regulating Big Tech (unlike U.S.)

Three cheers for the European Union:

European authorities fined Google a record $5.1 billion on Wednesday for abusing its power in the mobile phone market and ordered the company to alter its practices, in one of the most aggressive regulatory actions against American technology giants and one that may force lasting changes to smartphones.

The European Union’s antitrust fine of 4.34 billion euros was almost double the bloc’s fine against Google last year over the company’s unfair favoring of its own services in internet search results. The penalty’s size highlighted Europe’s increasingly bold stance against the power of American tech firms, even as officials in the United States have taken a largely hands-off approach to the companies.

The fine was coupled with remedies that would effectively loosen Google’s grip over its Android software, which is used in 80 percent of the world’s smartphones and is a key part of the Silicon Valley company’s business. Those changes, which European regulators ordered to take effect in 90 days, undercut Google’s ability to automatically include its own search and other apps in mobile devices, opening it to more competition in a market that it has dominated.

“Google has used Android as a vehicle to cement the dominance of its search engine,” said Margrethe Vestager, Europe’s antitrust chief. “These practices have denied rivals the chance to innovate and compete on the merits. They have denied European consumers the benefits of effective competition in the important mobile sphere.”

This needed to happen, badly. Big props to Margrethe Vestager, who just proved she’s serious about enforcing antitrust laws, unlike authorities in the United States, who have continually done nothing as Google (and Facebook and Amazon) have become bigger and amassed ever more power.

Google utterly dominates both mobile computing as well as search & advertising online (with the exception of Facebook’s walled garden). Yet Google has not been subjected to rigorous antitrust scrutiny by U.S. agencies. The most that ever happens is that Google gets slapped on the wrist for a privacy bugaboo or snafu of some sort. The company’s aggressive growth has not been checked or challenged at all.

23
May

Google, You Owe Us: U.K. based campaign seeks to fine Monster of Mountain View for clandestine iPhone tracking

This is great:

Google’s in trouble again over the “Safari Workaround”: the iPhone shakedown for personal information from millions of iPhone users.

In 2012, the workaround got the search giant fined by the US Federal Trade Commission (FTC) for $22.5m, fined again a year later for $17m after it got sued by dozens of states, and now has the UK’s Google You Owe Us campaign out for its own pound of flesh.

Make that a few pounds of flesh: The Google You Owe Us campaign has started the process of getting its own comeuppance, and the US fines pale in comparison to what the British group is after.

Monday marked day one in London’s high court, where the collective action is suing the company for what could be as much as £3.2bn (USD $4.3b), according to court filings.

The campaign even has its own beautifully crafted website, which is totally worth checking out.

18
May

Multiple Google employees quit over company’s machine learning contract with the Pentagon

Bravo to these folks for taking a stand. Bravo!

It’s been nearly three months since many Google employees—and the public—learned about the company’s decision to provide artificial intelligence to a controversial military pilot program known as Project Maven, which aims to speed up analysis of drone footage by automatically classifying images of objects and people. Now, about a dozen Google employees are resigning in protest over the company’s continued involvement in Maven.

The resigning employees’ frustrations range from particular ethical concerns over the use of artificial intelligence in drone warfare to broader worries about Google’s political decisions—and the erosion of user trust that could result from these actions. Many of them have written accounts of their decisions to leave the company, and their stories have been gathered and shared in an internal document, the contents of which multiple sources have described to Gizmodo.

It takes a lot of courage to give up your job in protest of your employer’s business practices. But that is exactly what these twelve people have done. They have refused to compromise on their principles after learning what was going on. They couldn’t go on at Google because they knew Google was doing something immoral.