• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Google says its cars grabbed emails and passwords

AdrianH

Active member
#1
http://www.reuters.com/article/idUSTRE69L4KW20101025

Google Inc admitted for the first time its "Street View" cars around the world accidentally collected more personal data than previously disclosed -- including complete emails and passwords -- potentially breathing new life into probes in various countries.


The disclosure comes just days after Canada's privacy watchdog said Google had collected complete emails and accused Google of violating the rights of thousands of Canadians.

"If in fact laws were broken...then there's some serious question of culpability and Google may need to face significant fines," said Marc Rotenberg, the executive director of the Electronic Privacy Information Center, a Washington DC-based privacy advocacy group.

Regulators in France, Germany and Spain, among others, have opened investigations into the matter.

A coalition of more than 30 state attorneys general in the United States also have launched a joint probe.

It remains unclear how many people may have been affected by the privacy breach.

Connecticut Attorney General Richard Blumenthal, who is leading the multi-state investigation, said in a statement on Friday that Google's disclosure about the types of data it collected "validates and heightens our significant concerns," and noted that the investigation is continuing............ (more)
How the hell do you accidentally gather private data? Either your system was programmed to retrieve this data or not. How do you accidentally hack into peoples computers and steal private personal data?
 

mjp

Well-known member
#2
There was no hacking involved. A lot of people don't protect their wireless connections, and that is what they were collecting. Why they were doing that is still a valid question, but don't lose your mind. Google wasn't driving hackmobiles around your neighborhood.
 

Luke F

Well-known member
#8
How the hell do you accidentally gather private data? Either your system was programmed to retrieve this data or not. How do you accidentally hack into peoples computers and steal private personal data?
They probably just dumped all the packets they captured from unsecured wifi without considering the consequences. They would have to go to great lengths to not capture any private data.
 

dutchbb

Well-known member
#9
I find people that think Google is becoming evil funny. Like Google is going to risk their reputation because they like to gather a few emails and passwords from random people, LOL.

Maybe this is a good thing... it reminds those people to start securing their Wi-Fi before they really get hacked.
 
#11
Why people don't have their WiFi secure is a moot point and shouldn't really matter. If I leave my house unlocked it doesn't give anyone the right to come empty it out.

It's still Google who went around and presumably made use of the connection. If you or I had done this, we'd be called every name imaginable, and possibly face civil or criminal sanctions for it.
 

Shelley

Well-known member
#12
Why people don't have their WiFi secure is a moot point and shouldn't really matter. If I leave my house unlocked it doesn't give anyone the right to come empty it out.

It's still Google who went around and presumably made use of the connection. If you or I had done this, we'd be called every name imaginable, and possibly face civil or criminal sanctions for it.
Couldn't agree more. A perfect explanation and point I feel. If you can you don't always do and in this case i feel whether or not anyone person s wi-fi was not secure doesn't give anyone the right to enter. If i'm not mistaken it's against the law to use someone's open wi-fi connection without their consent?
 

Wired

Active member
#13
Guys, read up on the story before you comment on it.

http://www.guardian.co.uk/technology/2010/may/15/google-admits-storing-private-data

Google's Street View cars are fitted with antennas that scan local wifi networks and use the data for its location services.
...

Google blamed the mistake on a piece of legacy code from an experimental project that had been re-used to programme equipment on the Street View cars, and said it will ask a third party to oversee deletion of the data and its procedures.
"As soon as we became aware of this problem, we grounded our Street View cars and segregated the data on our network, which we then disconnected to make it inaccessible. We want to delete this data as soon as possible, and are currently reaching out to regulators in the relevant countries about how to quickly dispose of it."
Google said the discovery highlighted the vulnerability of data in open wifi networks. It has previously said other companies, including Skyhook and Microsoft, already scan wifi networks and gather information in this way.

An unlocked house isn't a great analogy for this. Imagine you having a private conversation in plain english with someone while your window was open, and someone driving by happened to hear it (and had a audio recording device going at the same time). That's a bit closer to what happened. You could have closed your windows (used a wifi password) and/or spoke in code (encryption).
Now in the real as well as the analogy above, you're not going to hear a lot because you're driving by (yes, computer transmissions are faster than us but you get the idea). However, in either case, it's entirely possible to hear a few key words (like email address / password).

Doesn't excuse Google for accidentally leaving the legacy code in, but at the same time they're being completely up front about it and helping those countries / people who are inquiring in any way they can. In short, they went "Oops, didn't know that was going on, my bad, how can I help to correct this and make you feel better?"
 

Anthony Parsons

Well-known member
#14
Most wifi routers, etc, nowadays have a setup process, and are mostly default set to asking to suppy a password, and require you to physically move the often default check from requiring a password to not.

Sorry... but I have to say morons to those who setup unprotected wifi nowadays with all the simple instructions that come with things for self install.
 
#15
Why people don't have their WiFi secure is a moot point and shouldn't really matter. If I leave my house unlocked it doesn't give anyone the right to come empty it out.
You're comparing apples to oranges here, and nobody's claiming they have a 'right' to come empty it out. Even Google is saying "Hey, we screwed up".
Now, believe me, I hate Google, with a fiery passion. They're way too big, far too unchecked and regulated, and they basically have a 'get out of jail free' card because of their size alone. HOWEVER, in this case, it's not Google that is the major problem. The major problem is the person(s) sending information that should be encrypted openly, then whining about it not being private. Hey, if your system is open, it's GOING to get hacked, it's GOING to get taken from you. This is a PERFECT example of that. Secure your systems! Open wi-fi is horrible and grossly insecure.
 

mjp

Well-known member
#16

Anthony Parsons

Well-known member
#17
Is it legal to use someone's Wi-Fi connection to browse the Web if they haven't put a password on it?
Interesting... if you make something public... can the public legally use it when its on private property? But then how does one define a signal being on private property when it exceeds private property to public property.

I must say... you're onto something there.
 

Jethro

Well-known member
#18
Is it legal to use someone's Wi-Fi connection to browse the Web if they haven't put a password on it?
Nobody really knows. "It's a totally open question in the law," says Neal Katyal, a professor of criminal law at Georgetown University. "There are arguments on both sides."

http://news.cnet.com/FAQ-Wi-Fi-mooching-and-the-law/2100-7351_3-5778822.html
If I leave my car on the street with the keys in it does that give anyone the right to use it without my consent? I would have thought this was patently obvious, though am viewing from Down Under law (don't think we have had a case yet on wifi so not sure if any examples available).
 
#19
If I leave my car on the street with the keys in it does that give anyone the right to use it without my consent?
Again, this is apples to oranges. Of course, you can't take something physical without consent. However, this is much, much deeper than that.
It has been found many times in court that what happens with a user's ip address (which is unique as it should be) is solely their responsibility. So, using a proper example here (not someone breaking into my house, my car, etc, despite doors being open):
Let's say I'm Joe user who doesn't want to secure my network.
All of the sudden, Jane hacker comes along, scans local networks and sees "ooh, I have a network I can connect to". She gets her hacking tools out and her coffee, going to town on things.
What does she do? Well, we'll assume here that she's going to be using p2p software to download things that the RIAA would throw a fit about.
Is what she's doing illegal? No, because she is simply using something that is out there. Jane Hacker doesn't know who the signal belongs to, and frankly, she doesn't care. How is Jane Hacker to differentiate between, say, community open wi-fi (which many towns have now) and some idiot's personal wi-fi? She's not.
Now, back to her current hacking activity. Once she's done, she moves down the street to Joan user who, like Joe didn't want to secure her network.

6 months later, who is responsible for Jane's activity? Is Jane? Absolutely not. She gets off scott free, because she found free internet access. Instead, Joe and Joan get to go to court to meet the big, bad RIAA, and end up paying $thousands because they were too stupid to secure their networks

Using the signal, not illegal. Nothing in the law makes it so. If that were the case, then everyone would just be forced to shut down open wi-fi as a whole. Open wi-fi isn't the problem, it's private open wi-fi (ie: that done from, say, home), and the expectation of any privacy whatsoever across any 'open' network. It aint happening!
 

Jethro

Well-known member
#20
Again, this is apples to oranges. Of course, you can't take something physical without consent. However, this is much, much deeper than that.
It has been found many times in court that what happens with a user's ip address (which is unique as it should be) is solely their responsibility. So, using a proper example here (not someone breaking into my house, my car, etc, despite doors being open):
Let's say I'm Joe user who doesn't want to secure my network.
All of the sudden, Jane hacker comes along, scans local networks and sees "ooh, I have a network I can connect to". She gets her hacking tools out and her coffee, going to town on things.
What does she do? Well, we'll assume here that she's going to be using p2p software to download things that the RIAA would throw a fit about.
Is what she's doing illegal? No, because she is simply using something that is out there. Jane Hacker doesn't know who the signal belongs to, and frankly, she doesn't care. How is Jane Hacker to differentiate between, say, community open wi-fi (which many towns have now) and some idiot's personal wi-fi? She's not.
Now, back to her current hacking activity. Once she's done, she moves down the street to Joan user who, like Joe didn't want to secure her network.

6 months later, who is responsible for Jane's activity? Is Jane? Absolutely not. She gets off scott free, because she found free internet access. Instead, Joe and Joan get to go to court to meet the big, bad RIAA, and end up paying $thousands because they were too stupid to secure their networks

Using the signal, not illegal. Nothing in the law makes it so. If that were the case, then everyone would just be forced to shut down open wi-fi as a whole. Open wi-fi isn't the problem, it's private open wi-fi (ie: that done from, say, home), and the expectation of any privacy whatsoever across any 'open' network. It aint happening!
1. I'm talking under our law, and no we have not had 101 cases involving wifi, ergo it is either going to come under our legislation (not sure if the Government has passed anything like a law covering this), or common law (ergo various examples people are using to demonstrate someone losing something).

2. I'm pretty sure, at least under our law, that Jane would be facing court action with no doubt the various teleco cases being referenced, clearly they would not be binding to a decision.

3. Under our law it doesn't necessary mean someone will get away with using a signal because there is no legislation, common law can be brought to bare and that doesn't need previous cases or legislation.