<div class="gmail_quote">On 9 June 2010 13:20, Richard Pruss <span dir="ltr"><<a href="mailto:ric@cisco.com">ric@cisco.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class="im">Way out of my narrow area of expertise here </div></blockquote><div><br></div><div>So am I but that does not appear to be stopping everyone else from interpreting the law or offering opinions. I am eminently unqualified to comment and so shall pile on. </div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div class="im">I have a few fumbling basic question here. How much of network Ethernet/WiFi/L2/L3/l4-L7 do you feel is covered by the TIA?</div>
</blockquote><div><br></div><div>[ ... ]</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
If INTENDED RECIPIENT does not include anything that can get and one expects to forward/drop on the message, allot of things networks regularly do become implicated and possibly "BAD".<br></blockquote><div><br>
</div><div>So the elephant in the room no one is talking about is the fact that ISPs and network providers do promiscuous packet captures every day of the week on wired networks that customers presume to be secure. I'd venture that if you went and had a look at the file servers/laptops of network engineers at nearly every ISP/hoster/whatever on this list you would find that there is a pcap or three laying around that contains more data than was needed or intended - maybe even personally identifiable information and so on. </div>
<div><br></div><div>I'm not all that sure there is too much difference between a network provider collecting my PII and storing it on an engineer's laptop just because my personal data happened to transit their IX while they were analysing or debugging something - and what Google did (except in the Google case there is *some* negligence on my part for not having my wifi encrypted). </div>
<div><br></div><div><div>Meanwhile, Conroy births another half-a-dozen kittens carrying on about how Google *deliberately wrote* software to collect all of this data. "Eric Schmidt says Google loves cash!!", and other non sequiturs he barks at the Senate, as if to show the horrid depths of their packet snaffling depravity.</div>
<div><br></div><div>Sheesh. Give me a break and get out your Occam's razor. The most likely scenario is that some poor sod at Google uses tcpdump or knocks up something using libpcap and runs it on 11-13 radio interfaces in promiscuous mode and collects a heap of stuff driving 'round (hard disks are cheap compared to drive around the world AGAIN if you didn't get all the data you need). The intention would be to analyse it later to generate the necessary data to support W3C location support back in the office. Network engineers do promiscuous packet captures all the time. Grab all the data - more the better - when you can - and pore over it back in the office to get whatever the required outcome is. They might even keep the original captures around to re-run their analysis later to prove other assumptions/etc. </div>
<div><br></div><div>I have never seen anyone carefully exclude errant HTTP traffic from their captures before analysis (in the interests of privacy, the law, or anything else). </div><div><br></div><div>Unfortunately for Google, they are one of the new whipping boys of privacy on the Internet. If the AFP decided to randomly raid a bunch of ISPs they would find all sorts of packet captures in tmp directories and backup tapes containing all sorts of data to which the ISP is not entitled. </div>
<div><br></div><div>Conroy has a bug up his proverbial and wants to discredit Google as if that will somehow bolster his position on the mandatory filter. He gets a few rants in the press/senate. A bunch of people pile on in some sort of half-cocked conspiracy theory that Google is going to make off with the fact I was on Facebook when they drove past my house on the 23rd of April last year and captured data for the 15 seconds they were in range.</div>
</div><div><br></div><div>He has more important things to worry about - like the 20 000 scams and spams coming through the ... ummm ... portal.</div><div><br></div><div>$0.022 inc GST</div><div><br></div><div>-- </div></div>
David Connors (<a href="mailto:david@codify.com">david@codify.com</a>)<br>Software Engineer<br>Codify Pty Ltd - <a href="http://www.codify.com">www.codify.com</a><br>Phone: +61 (7) 3210 6268 | Facsimile: +61 (7) 3210 6269 | Mobile: +61 417 189 363<br>
V-Card: <a href="https://www.codify.com/cards/davidconnors">https://www.codify.com/cards/davidconnors</a><br>Address Info: <a href="https://www.codify.com/contact">https://www.codify.com/contact</a><br><br>