Forgot your password?
typodupeerror
Privacy Communications Encryption Government United States

Eric Schmidt, Jared Cohen Say Google Data Now Protected From Gov't Spying 155

Posted by timothy
from the now-how-to-effectively-test? dept.
An anonymous reader writes "Google's Eric Schmidt and Jared Cohen were [part of a] wide-ranging session at SXSW today and they revealed that Google's data is now safely protected from the prying eyes of government organizations. In the last few days Google upgraded its security measure following revelations that Britain's GCHQ had intercepted data being transmitted between Google datacenters, Schmidt said that his company's upgrades following the incident left him 'pretty sure that information within Google is now safe from any government's prying eyes.'"
This discussion has been archived. No new comments can be posted.

Eric Schmidt, Jared Cohen Say Google Data Now Protected From Gov't Spying

Comments Filter:
  • Liar (Score:1, Funny)

    by Anonymous Coward

    Eric Schmidt likes to lie........don't believe anything from his mouth!!

    • Re: (Score:3, Insightful)

      by Anonymous Coward

      That's being a little harsh.

      He says what the letters from Obama tell him to say.

    • Eric Schmidt likes to lie........don't believe anything from his mouth!!

      Oh, come, come, that cannot be true. I think what you mean is "he lies when the truth will do."

      • by rtb61 (674572)

        Not so much a lie as leaving out a bit of the truth, "Google data now protected from 'FREE' government spying", see just one word accidental left out and really even when the word is left out it is accurate, as it is only 'SPYING' when they don't pay for access. When Google sell you data, the means by which they make their profit, the government is just buying like any other marketing agency. The government just wants to send government marketing representatives to your door to provide you with offers if y

    • by phrostie (121428)

      Is he given incentive to lie?

      http://tech.slashdot.org/story... [slashdot.org]

    • There is a very broken, hazy line between marketing and lying.
    • by antdude (79039)

      He is a human. All humans lie. :(

  • by CRCulver (715279) <crculver@christopherculver.com> on Saturday March 08, 2014 @04:14PM (#46435833) Homepage
    Sure, the data might be safe from a government's prying eyes, but will it be safe from a government who kindly asks for the data, with the company acquiescing between it wants to maintain its lucrative business links with the authorities?
    • by thaylin (555395) on Saturday March 08, 2014 @04:17PM (#46435857)

      Sure, the data might be safe from a government's prying eyes, but will it be safe from a government who kindly pays for the data, with the company acquiescing between it wants to maintain its lucrative business links with the authorities?

      FTFY

      • by Frobnicator (565869) on Saturday March 08, 2014 @04:45PM (#46435985) Journal

        Sure, the data might be safe from a government's prying eyes, but will it be safe from a government who kindly pays for the data, with the company acquiescing between it wants to maintain its lucrative business links with the authorities?

        FTFY

        ...that also has the power to jail anyone, including corporate executives, for undisclosed national security reasons and undisclosed duration if they fail to cooperate?

        • by AmiMoJo (196126) *

          On paper they could lock Schmidt up, but in practice they would want to avoid that kind of press and the almost infinite legal resources that would be used against them. Normally the rich and powerful being above the law is a bad thing, but in this case it happens to work in our favour.

    • by CRCulver (715279)
      Geez, "between it wants" should read "because it wants".
    • by fred911 (83970)

      Have we seen any "evil" that wasn't via warrant yet?

      • Re: (Score:2, Informative)

        by Anonymous Coward

        Yes, and plenty of direct evidence that they're doing things illegally and then faking up a legal investigation based on that evidence. Which is, itself, illegal.

    • Not just getting friendly with local government, but I'm pretty sure Google will take the always wonderful stance of "secure forever". Time is always on the government's side and given enough time, all static security is rendered useless.

      Unless Google plans to review their "security" on a pretty regular basis. Someone with enough money and enough time (pretty much any country's government and a few private citizens too) will eventually break into what is pretty much the Fort Knox (having large amounts of

      • They don't need perfect security. All they need is security that's more expensive to penetrate than to pay them to hand over the data.

    • by Anonymous Coward

      Safe from eyes is an issue, with the NSA asserting that collecting allllll the data for computer analysis is perfectly fine and they only need permission to have a human look at it.

    • by louarnkoz (805588) on Saturday March 08, 2014 @04:51PM (#46436009)
      Governments can indeed ask for some data, using subpoena or in the case of the US "National Security Network." But for that, they have to actually ask, and the request has to be targeted, naming for example a specific individual. The NSA and the GCHQ were not content with that, they wanted to grab "everything," so instead of the legal channels they used a hack. The hack was to spy on the internal network of Google, and of other services as well, because these internal exchanges were not encrypted.

      According to Eric Schmidt, now they are. This is absolutely good news. It is also exactly what the Electronic Frontier Foundation is asking web services to do. You can check the relative state of Google and other services according to the EFF at: https://www.eff.org/deeplinks/... [eff.org].

    • by Anonymous Coward

      Google's Eric Schmidt and Jared Cohen were [part of a] wide-ranging session at SXSW today and they revealed that Google's data is now safely protected from the prying eyes of government organizations.

      Now what about the accusations that they were willfully co-operating behind closed doors with spying agencies? I like how the press really kept up with anything. Not only did they not bother to find that out, they didn't bother to see what safety/warnings systems are in place for a possible "tap in" of there li

    • They don't play preferences with governments.

      They sell your data to everyone willing to pay.

      • by AmiMoJo (196126) *

        Citation? I see this claim made a lot on Slashdot but have yet to see any evidence that they sell personal data to anyone. They sell advertising space targeted based on keywords and general demographics, but that is rather different to selling access to your gmail account or private photos.

    • As long as they want to keep paying near zilch in taxes, they will comply. Besides, they don't need prying eyes when they have direct access.
    • by swillden (191260) <shawn-ds@willden.org> on Sunday March 09, 2014 @01:13AM (#46437967) Homepage Journal

      Sure, the data might be safe from a government's prying eyes, but will it be safe from a government who kindly asks for the data, with the company acquiescing between it wants to maintain its lucrative business links with the authorities?

      Governments can ask, and Google will say "No, please come back with an order."

      Governments can order, and Google will comply, as long as the order was issued by proper authority, isn't excessively broad, etc. And then Google will add the order, and the number of accounts it affects, to the next transparency report.

      That's not perfect, but it's much, much better than the government being able to snarf all the data with no accountability at all.

      • by CRCulver (715279)

        Governments can ask, and Google will say "No, please come back with an order."

        How do you know Google will say, "No, please come back with an order?" What if Google only tells the public that it insists on the government presenting a lawfully issued court order, but in fact it secretly gives the government whatever information wants? Speculation that Google is deeply implicated with the US government has been going around for over a decade now.

        • by swillden (191260) <shawn-ds@willden.org> on Sunday March 09, 2014 @01:45AM (#46438025) Homepage Journal

          Governments can ask, and Google will say "No, please come back with an order."

          How do you know Google will say, "No, please come back with an order?" What if Google only tells the public that it insists on the government presenting a lawfully issued court order, but in fact it secretly gives the government whatever information wants? Speculation that Google is deeply implicated with the US government has been going around for over a decade now.

          How do I know? Well, (a) Google's leadership says so and AFAICT there is no law that allows the government to compel them to lie, publicly or internally and in fact there are laws that make it a crime for executives of publicly-traded companies to lie about issues which could affect the stock price (which this definitely does!); (b) as a Google employee who manages sensitive user data I have some visibility into how requests for that data are handled; and (c) as someone who is familiar with Google culture I find it inconceivable that such a thing could be happening on any kind of significant scale without being outed -- like most of silicon valley, and like geeks in general, Googlers tend to be pretty iconoclastic and anti-authoritarian.

          Speculation that Google is deeply implicated with the US government has been going around for over a decade now.

          If the speculation has been floating around that long, without a shred of evidence to support it in spite of the large-scale conspiracy that would be required to keep all such evidence suppressed, I think that's pretty compelling evidence that it's not true. You can never completely prove a negative, of course, but you can asymptotically approach certainty.

          • by Anonymous Coward

            there is no law that allows the government to compel them to lie, publicly or internally

            Are you F'ing kidding me? Have you not been paying ANY attention to whats been going on lately? They've been making companies provide certain info and using National Security Act crap to make it illegal for them to tell ANYONE.

        • by u38cg (607297)

          How do you know

          You don't and can't, and if that's a problem for you, you don't use Gogle services. Next!

          • by CRCulver (715279)

            You don't and can't, and if that's a problem for you, you don't use Gogle services.

            Google collects data (and potentially passes it on to the US government) on more than just those who choose to use its services, as Google Analytics is included in the Javascript package of a great many sites, one might send an e-mail to a gmail.com address, etc. Telling something that they are safe if they don't use Google services is essentially telling someone to give up on use of the internet entirely.

    • Not to mention the fact that email traffic going in and out of google is crossing over network infrastructure that is tapped, and unencrypted... it's not like the NSA doesn't already have pretty much everything it wants.
      • by Anonymous Coward

        This is why they're pushing so hard on https for search, gmail, etc. as well as encrypting everything internally.

    • by tlhIngan (30335)

      Sure, the data might be safe from a government's prying eyes, but will it be safe from a government who kindly asks for the data, with the company acquiescing between it wants to maintain its lucrative business links with the authorities?

      No, all Google did was protect the data against FREE access.

      Remember Google's in the business of selling user information. Government access for free isn't in the business plan. So they closed the loophole that allowed it.

      Now the government needs to pay for it. Like everyon

  • Yeah right (Score:4, Insightful)

    by Ubi_NL (313657) <jorisNO@SPAMideeel.nl> on Saturday March 08, 2014 @04:17PM (#46435859) Journal

    Seriously is there anyone that would actually believe such a statement?

    • by Anonymous Coward

      Of course. You just have to read carefully.

    • Re: (Score:2, Informative)

      by Anonymous Coward

      the NSA employees working for google wont...

    • Re: (Score:2, Interesting)

      by phantomfive (622387)
      Let's assume that he's only talking about unauthorized data leakage, not cases where he gives the data away. Because we know he does that.

      In that case, should we believe him? The answer is no. If you want to make sure your data is safe, you need to close all exploits in your code (we're just talking about the easy part here, not the social engineering). If someone says, "I'm pretty sure my code is safe" you know he's wrong, because he hasn't gone through the effort necessary to make the code secure. It's
    • Of course. It's in their own best interest to ensure governments have to pay for the data like everyone else.

    • Seriously is there anyone that would actually believe such a statement?

      Yes, they are called "Cloud Users". These people are as dumb as dumb gets.

    • Re:Yeah right (Score:4, Interesting)

      by swillden (191260) <shawn-ds@willden.org> on Sunday March 09, 2014 @01:15AM (#46437969) Homepage Journal

      Seriously is there anyone that would actually believe such a statement?

      I do, but as a Google engineer involved in security and privacy infrastructure I'm in a position with much greater than normal visibility into exactly what is done and how.

      • by psydeshow (154300)

        Seriously is there anyone that would actually believe such a statement?

        I do, but as a Google engineer involved in security and privacy infrastructure I'm in a position with much greater than normal visibility into exactly what is done and how.

        And can you likewise assure yourself that even if one or more of your colleagues is an undercover government agent, then the statement is still true?

  • He did not mention which government.

  • by Anonymous Coward

    Buffoons, do you really think that we've already forgotten PRISM? That wasn't "hacking" by GHCQ or NSA. It was cooperation with them.

  • Nonsense (Score:4, Insightful)

    by markdavis (642305) on Saturday March 08, 2014 @04:36PM (#46435943)

    >"they revealed that Google's data is now safely protected from the prying eyes of government organizations. "

    That is nonsense. The NSA could probably STILL access the information if they want to (and likely will) or Google can be compelled to reveal it with a super secret demand order, or even a regular warrant.

    No information that is ever collected is ever "safe" from prying eyes. And even Google having the information is certainly nothing to be comfortable about. They have ENOUGH information about consumers already... certainly enough to be creepy.

    • by swillden (191260)

      The NSA could probably STILL access the information if they want to

      Sure, they could resort to rubber-hose cryptanalysis, targeting key Google employees. If it were to come out, though, it would make the Snowden leaks look very, very mild. As one of said key Google employees (I work on security infrastructure), I've been given to understand that if I am ever approached in any way by the government, I am to immediately consult with Google legal counsel, and that any request that I not talk to counsel would be illegal (I think it would violate the constitutional guarantee of

      • by markdavis (642305)

        Thanks for the thoughtful and informative response. I did opt out of most of the stuff; have location tracking off, disabled Google +, Google Play Music, Books, Magazines, Games, Video, Hangouts, etc; use Startpage for most searches, use Firefox not Chrome, have Now turned off. Only occasionally use Gmail but I love Google Maps and Play Store.

        In any case, I tend to be a pessimist and skeptic about such things, especially when I have no real proof that "opting out" really does anything. It is nice to hear

        • by swillden (191260)

          You're welcome. I don't have any way to prove it, of course, but I can tell you that the opt outs do exactly what they say they do, as do the "delete my data" options on the dashboard. I've been somewhat involved in the latter and I know people who work on the opt outs. They take it very seriously. Google wants to offer you such a compelling value proposition, which means providing good services plus taking good care that your data is only used in appropriate ways, that you want to give your data. And if yo

  • Because he cannot even disclose his backdoor deals with the government to provide access willingly.

    Also black operations methods to intercept the data via satellite and radar still exist, by observing computer and electro emissions from cables over long-range. They call this technique Van Eck Phreaking: http://en.wikipedia.org/wiki/V... [wikipedia.org]

    Observe the TEMPEST emissions standards of NSA/DOD themselves, to get an idea of what signals can be remotely observed (virtually any signal can be, and they're very paranoid

    • by strstr (539330)

      Google should ask their engineers if they shielded their complex or not. Shielded all cables. Installed tinfoil hat, with mylar, and nu metal and an ion shield around their staffs brains. And whether or not the computers and screens are shielded. If not, all the Google data is very much still available to the NSA. lmfao.

  • From the article, “pretty sure that information within Google is now safe from any government’s prying eyes.” Well, pretty sure just doesn't cut it for me.
  • I am sure that his whole industry is based on provable metrics. So the prood is in the pudding my friend ... how can we know what you claim is true. 'pretty sure' does not go very far.
  • by sjbe (173966) on Saturday March 08, 2014 @05:30PM (#46436195)

    and they revealed that Google's data is now safely protected from the prying eyes of government organizations.

    Does anyone actually believe this? First off we know that all the government has to do is issue a National Security Letter [wikipedia.org] and Google will fold like a dish cloth. Eric Schmidt isn't about to go to jail to protect you. Second, he has every reason to publicly proclaim our data is "safely protected" in order to protect his business regardless of whether it is true. Third, he cannot possibly promise that even if he genuinely believes it because he can't prove it. Fourth, even if he could somehow be sure he's keeping the government snoops out, he won't provide anyone the access necessary to verify it.

    There are things they could say that I would believe but him being "pretty sure" that our data is safe just isn't really credible.

    • by 93 Escort Wagon (326346) on Saturday March 08, 2014 @06:15PM (#46436463)

      I'm not a fan of Google's, but I'm not sure why people are unwilling to recognize this is a significant step in the right direction.

      Before Google took the steps necessary to ensure communications between data centers was secured, the government could (and apparently did) just slurp up everything and troll for information. Now, at least they'll need some sort of court order, which means they'll need at least a modicum of an idea what they are targeting.

      The entire government system is still deeply - maybe even fatally - flawed. Even if Obama's reforms actually take place, there's still far too much power left in the hands of the secret courts and the spy agencies. But fixing this horrible, unconstitutional mess will take time and effort. Correcting (or, in this case, interfering with) even one aspect of it is welcome news.

      • They say they need a court order. How do we know they havn't just issued some secret National Security Letter or FISA warrant that says 'let us sift through everything, and we'll throw you in jail if you ever tell anyone this request was made?' This assurance is better than nothing, yes - but it doesn't change the fact that if you want to be secure from prying government eyes human or automated, you just can't trust any service provider any more. The only way to be sure is to verify security at both endpoin

        • Away from the power of the US government. Then we might, possibly, believe these comments. Till then, use American tech companies last, or to provide misinformation to them...
        • by Rich0 (548339)

          They say they need a court order. How do we know they havn't just issued some secret National Security Letter or FISA warrant...

          True, but at least they have to ask for the data now. Before they could just go digging through it.

          • by sjbe (173966)

            True, but at least they have to ask for the data now. Before they could just go digging through it.

            Who is to say they still can't. With getting all tinfoil hat about it the only thing we have is Google's word on the matter. That's pretty thin.

            • by Rich0 (548339)

              True, but at least they have to ask for the data now. Before they could just go digging through it.

              Who is to say they still can't. With getting all tinfoil hat about it the only thing we have is Google's word on the matter. That's pretty thin.

              Meh, I suspect that if that were their attitude they wouldn't have drawn attention to the issue at all. They were the ones who made a big deal of the government snooping their dedicated lines.

              • by sjbe (173966)

                Meh, I suspect that if that were their attitude they wouldn't have drawn attention to the issue at all.

                Sure they would. They need to assure people, particularly outside the US, that they aren't the US government's sock puppet to make their business look credible. Google has ambitions outside the US you know plus they need to present a good face to their current customers so they don't go elsewhere. Though in reality it probably isn't that simple, you can explain all their actions purely in terms of profit motive. Google is trying to do just enough rather than take the painful step of actually doing the r

      • by sjbe (173966)

        I'm not a fan of Google's, but I'm not sure why people are unwilling to recognize this is a significant step in the right direction.

        Because they aren't really going to bat on this. It would be one thing if this was some big surprise to them but the KNOW the government is snooping and their response has been half-hearted at best. Google has a huge war chest to fight the good fight on this. I realize they can't do some things but they aren't doing a lot of things that they can do, including lobbying HARD on this issue. Google isn't the only one. I put just as much blame on Apple and Microsoft and Facebook and the rest of the tech gia

  • ...unless, of course, they ask kinda nicely for it.

    then we just hand it over.

  • That's about how long the NSA will take to crack it; and move on.
  • Assuming you believe this line, they're only providing countermeasures against data at rest or moving within their networks.

    Does anyone remember that whole "trusted proxy" thing that's creeping into the HTTP 2.0 draft spec?

    Is anyone else familiar with the MITM capabilities of a Blue Coat ProxySG device, and how widely deployed they are amongst ISPs?
    • The trusted proxy panic was really a scare about nothing. It's just a way to allow for HTTP(S)2 interception by a proxy which the client machine explicitly trusts and authenticates - something which is already very common practice in the corporate lan as a means of keeping the employees off of porn/facebook.

      • Um, no. A MITM is not necessary for corporations to keep their employees from visiting undesirable content on the internet. Content filtering does not require payload inspection to achieve. I know this because I've worked with clients who use ProxySG devices to help them construct and implement their access control policies.

        Your assertion about TP being a "scare about nothing" is incredibly naive...it's only valid if the end user provides informed consent. In practice, there are organizations that si
        • Without content inspection, all you have to filter on is DNS and IP. Not enough - without more information the filter will have to be either ineffectual or so overzealous as to hinder work.

  • right! and we are supposed to believe that just because they're saying so? is google going to break the law to support what they're saying?

    and who protects us from google?
    if they are so interested in protecting their users why not encrypt every user data with a key that only the user controls?

    • Google's primary business is advertising. All the services they provide are there to service that business, either by allowing them to serve up more advertisments or by collecting data they can use to target those adverts with greater precision.

  • Sure, spying without the cooperation of Google may have gotten a bit more expensive, but that is the best-case scenario.

  • While gag orders exist, we can believe nothing from an American, or a company domiciled in America, or a country beholden to America.

    Sorry.

    • by Anonymous Coward

      A gag order is different than compelling a company to lie. There is no evidence that has ever occurred.

  • by hazeii (5702) on Saturday March 08, 2014 @07:21PM (#46436759) Homepage

    This would be the same Eric Schmidt who said "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place."? [huffingtonpost.com]

    And now we're expected to believe him, when he says he's keeping us safe from letting anyone know what we're doing?

    He killed a lot of trust with the original comment.

    He just killed a whole lot more.

  • Now if we can just protect it from Google spying.

  • all the terrorists to communicate thru......Now all they have to do is convince the spying government terrorist of it... collect datat for a couple years then leak the hell out of it.... Then we won't have a spying problem anymore.

    The only way to be safe from leaks on the internet is to not make whatever not accessible on or from the internet.

  • 'pretty sure that information within Google is now safe from any government's prying eyes.

    It doesn't work if their last round of spying got them the root password, and the backdoors planted.

    They can still infiltrate the companies' datacenter employee staff with their own operatives.

    And another mechanism at their disposal -- is, of course, lawful orders together with gag orders.

  • by jargonburn (1950578) on Sunday March 09, 2014 @12:41AM (#46437875)
    Now, if only my data was safe from Google's eyes...
  • The NSA told them to say this, right? I mean, it's not like we can really know either way, since the trust has been obliterated.
  • I believe that Google has probably fixed most of the technical issues that allowed NSA (and presumably others) to eavesdrop on data in their systems.

    But a company with the size and scope of Google must be *riddled* with agents of various national intelligence services, not to mention corporate spies. Think about how many engineers they have hired and acquired in the last ten years. They are a big, juicy target for espionage. As is Amazon, Microsoft, Dropbox, and any other global-scale cloud provider with th

I have ways of making money that you know nothing of. -- John D. Rockefeller

Working...