[AusNOG] Google creepier than Conroy?

Mark Smith nanog at 85d5b20a518b8f6864949bd940457dc124746ddc.nosense.org
Sun May 30 09:19:43 EST 2010 

On Sun, 30 May 2010 08:40:21 +1000
"Bevan Slattery" <Bevan.Slattery at staff.pipenetworks.com> wrote:

> OK.  I'll wade in here.  I am actually very concerned that a forum for
> supposed Network Operators experts isn't deeply concerned by the
> developments of the Google Street View/War Drive initiative.
> 
> Regardless of where you sit with Sen Conroy and the current governments
> RC plan on filtering, and regardless of whether you think the two are
> linked, the fact is that it would appear some very serious breaches of
> privacy legislation and the Telecommunications Act may have occurred.
> 

Remember the old, "assumed innocent until proven guilty"? I'd want to
see the evidence of a breach before I make a judgement, and I certainly
won't place any value on Conroy's assumption of guilt. Considering what
he considers me to be guilty of supporting because I'm against the
Internet filter, I don't place any value at all on his judgements.

Charge Google with a privacy breach if a case can be made, and
let the courts sort it out. That's what they're for.

Here's Google's explanation -

http://googleblog.blogspot.com/2010/05/wifi-data-collection-update.html

"So how did this happen? Quite simply, it was a mistake. In 2006 an
engineer working on an experimental WiFi project wrote a piece of code
that sampled all categories of publicly broadcast WiFi data. A year
later, when our mobile team started a project to collect basic WiFi
network data like SSID information and MAC addresses using Google’s
Street View cars, they included that code in their software—although
the project leaders did not want, and had no intention of using,
payload data."

So it seems it is as simple an accident of not putting -s 12 on the
tcpdump command line, and code being used outside of the context it was
initially designed to operate in - a quite typical reason for security
breaches.



> The flagrant disregard for what it is alleged to have occurred is breath
> taking.  Based upon reports (which are yet to be substantiated) there
> has been a systematic and intentional approach to intercepting
> telecommunications services and misappropriate data that was in the most
> part meant to be a private transmission between the user and their home
> DSL wireless gateway.
> 
> This user data which would include unencrypted user:pass information,
> application information and plain text in communications, mac addresses,
> IP addresses etc. has been captured for an assumed geo-coding exercise
> to map this information to homes and or individuals.
> 
> As an industry participant, I am stunned by the level of apathy within
> our industry over what has been alleged.  I am deeply concerned that ANY
> organisation would conduct such a systemic abuse of peoples right to
> privacy and let alone the laws of the country they are operating in
> (with respect to interception).  Before I hear people come bleating
> forward and explain to me that people should have encrypted their
> networks, I say that most users failure to encrypt their home networks
> is a direct result of a lack of education from the Government and our
> industry.  These interception laws (and privacy laws) were designed to
> protects users from exactly this type of activity.
> 
> If this were the Federal Government conducting this war drive and taking
> user data, or perhaps another countries government (say China) taking
> this data from Australia, or perhaps organised crime (Russian mob) I
> wonder how the reaction would be?
> 
> This *is* very, very creepy.  This *is* very, very concerning.  To make
> light of what appears to be possibly the single largest unlawful and
> intentional interception (and possibly theft) of user data in the world
> by an organisation deserves the greatest level of scrutiny and
> investigation regardless of the organisation that is alleged to have
> undertaken it.  Google needs to come clean and restore it's brand and
> integrity as fast as possible.  Coming forward and saying it was a
> 'mistake' and we're going to delete the data is simply not going to cut
> it.  There needs to be a full disclosure of what happened from soup to
> nuts and only at that point can we have a meaningful conversation about
> what really occurred, why it occurred and how to stop it from occurring
> again.
> 
> On this one, Conroy is right.
> 
> [b]
> 
> 
> 
> > -----Original Message-----
> > From: ausnog-bounces at lists.ausnog.net 
> > [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Matthew 
> > Moyle-Croft
> > Sent: Wednesday, May 26, 2010 2:23 PM
> > To: Andreux Fort
> > Cc: ausnog at ausnog.net
> > Subject: Re: [AusNOG] Google creepier than Conroy?
> > 
> > 
> > On 26/05/2010, at 1:40 PM, Andreux Fort wrote:
> > 
> > > Australian Minister Calls Google 'Creepy'
> > 
> > Well, Google does have an army of virtual spiders that creep 
> > around the intawebz indexing content.  
> > 
> > So, in some ways he's right.   However, the web that Conroy 
> > wants to weave over the Australian internet makes me much more scared.
> > 
> > MMC
> > (Who isn't afraid of spiders generally)
> > _______________________________________________
> > AusNOG mailing list
> > AusNOG at lists.ausnog.net
> > http://lists.ausnog.net/mailman/listinfo/ausnog
> > 
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog

More information about the AusNOG mailing list