Eric Schmidt, Jared Cohen Say Google Data Now Protected From Gov't Spying 155
An anonymous reader writes "Google's Eric Schmidt and Jared Cohen were [part of a] wide-ranging session at SXSW today and they revealed that Google's data is now safely protected from the prying eyes of government organizations. In the last few days Google upgraded its security measure following revelations that Britain's GCHQ had intercepted data being transmitted between Google datacenters, Schmidt said that his company's upgrades following the incident left him 'pretty sure that information within Google is now safe from any government's prying eyes.'"
Liar (Score:1, Funny)
Eric Schmidt likes to lie........don't believe anything from his mouth!!
Re: (Score:3, Insightful)
That's being a little harsh.
He says what the letters from Obama tell him to say.
Re: (Score:2)
Eric Schmidt likes to lie........don't believe anything from his mouth!!
Oh, come, come, that cannot be true. I think what you mean is "he lies when the truth will do."
Re: (Score:2)
Not so much a lie as leaving out a bit of the truth, "Google data now protected from 'FREE' government spying", see just one word accidental left out and really even when the word is left out it is accurate, as it is only 'SPYING' when they don't pay for access. When Google sell you data, the means by which they make their profit, the government is just buying like any other marketing agency. The government just wants to send government marketing representatives to your door to provide you with offers if y
Re: (Score:1)
Is he given incentive to lie?
http://tech.slashdot.org/story... [slashdot.org]
Re: (Score:1)
Re:Liar (Score:5, Insightful)
There is a very broken, hazy line between marketing and lying.
I thought they were synonyms...
Re:Liar (Score:5, Funny)
There is a very broken, hazy line between marketing and lying.
I thought they were synonyms...
If you are trying to sell something it's marketing. Otherwise it's lying.
Re: (Score:2)
He is a human. All humans lie. :(
Comment removed (Score:5, Insightful)
Re:Safe just from prying eyes? (Score:4, Interesting)
Sure, the data might be safe from a government's prying eyes, but will it be safe from a government who kindly pays for the data, with the company acquiescing between it wants to maintain its lucrative business links with the authorities?
FTFY
Re:Safe just from prying eyes? (Score:5, Insightful)
Sure, the data might be safe from a government's prying eyes, but will it be safe from a government who kindly pays for the data, with the company acquiescing between it wants to maintain its lucrative business links with the authorities?
FTFY
...that also has the power to jail anyone, including corporate executives, for undisclosed national security reasons and undisclosed duration if they fail to cooperate?
Re: (Score:2)
On paper they could lock Schmidt up, but in practice they would want to avoid that kind of press and the almost infinite legal resources that would be used against them. Normally the rich and powerful being above the law is a bad thing, but in this case it happens to work in our favour.
Re: (Score:2)
Re: (Score:2, Interesting)
http://en.wikipedia.org/wiki/J... [wikipedia.org]
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
"They wouldn't dare" is not a long term argument with a government that is increasingly using the methods of totalitarian states.
Re: (Score:2)
Re: (Score:2)
Have we seen any "evil" that wasn't via warrant yet?
Re: (Score:2, Informative)
Yes, and plenty of direct evidence that they're doing things illegally and then faking up a legal investigation based on that evidence. Which is, itself, illegal.
Re: (Score:2)
Not just getting friendly with local government, but I'm pretty sure Google will take the always wonderful stance of "secure forever". Time is always on the government's side and given enough time, all static security is rendered useless.
Unless Google plans to review their "security" on a pretty regular basis. Someone with enough money and enough time (pretty much any country's government and a few private citizens too) will eventually break into what is pretty much the Fort Knox (having large amounts of
Re: (Score:3)
They don't need perfect security. All they need is security that's more expensive to penetrate than to pay them to hand over the data.
Re: (Score:1)
Safe from eyes is an issue, with the NSA asserting that collecting allllll the data for computer analysis is perfectly fine and they only need permission to have a human look at it.
Re:Safe just from prying eyes? (Score:5, Interesting)
According to Eric Schmidt, now they are. This is absolutely good news. It is also exactly what the Electronic Frontier Foundation is asking web services to do. You can check the relative state of Google and other services according to the EFF at: https://www.eff.org/deeplinks/... [eff.org].
Re:Safe just from prying eyes? Or bad Joke (Score:1)
Google's Eric Schmidt and Jared Cohen were [part of a] wide-ranging session at SXSW today and they revealed that Google's data is now safely protected from the prying eyes of government organizations.
Now what about the accusations that they were willfully co-operating behind closed doors with spying agencies? I like how the press really kept up with anything. Not only did they not bother to find that out, they didn't bother to see what safety/warnings systems are in place for a possible "tap in" of there li
Re: (Score:3)
They don't play preferences with governments.
They sell your data to everyone willing to pay.
Re: (Score:2)
Citation? I see this claim made a lot on Slashdot but have yet to see any evidence that they sell personal data to anyone. They sell advertising space targeted based on keywords and general demographics, but that is rather different to selling access to your gmail account or private photos.
Re: (Score:2)
Re:Safe just from prying eyes? (Score:4, Interesting)
Sure, the data might be safe from a government's prying eyes, but will it be safe from a government who kindly asks for the data, with the company acquiescing between it wants to maintain its lucrative business links with the authorities?
Governments can ask, and Google will say "No, please come back with an order."
Governments can order, and Google will comply, as long as the order was issued by proper authority, isn't excessively broad, etc. And then Google will add the order, and the number of accounts it affects, to the next transparency report.
That's not perfect, but it's much, much better than the government being able to snarf all the data with no accountability at all.
Re: (Score:2)
Re:Safe just from prying eyes? (Score:4, Interesting)
How do you know Google will say, "No, please come back with an order?" What if Google only tells the public that it insists on the government presenting a lawfully issued court order, but in fact it secretly gives the government whatever information wants? Speculation that Google is deeply implicated with the US government has been going around for over a decade now.
How do I know? Well, (a) Google's leadership says so and AFAICT there is no law that allows the government to compel them to lie, publicly or internally and in fact there are laws that make it a crime for executives of publicly-traded companies to lie about issues which could affect the stock price (which this definitely does!); (b) as a Google employee who manages sensitive user data I have some visibility into how requests for that data are handled; and (c) as someone who is familiar with Google culture I find it inconceivable that such a thing could be happening on any kind of significant scale without being outed -- like most of silicon valley, and like geeks in general, Googlers tend to be pretty iconoclastic and anti-authoritarian.
Speculation that Google is deeply implicated with the US government has been going around for over a decade now.
If the speculation has been floating around that long, without a shred of evidence to support it in spite of the large-scale conspiracy that would be required to keep all such evidence suppressed, I think that's pretty compelling evidence that it's not true. You can never completely prove a negative, of course, but you can asymptotically approach certainty.
Re: (Score:1)
there is no law that allows the government to compel them to lie, publicly or internally
Are you F'ing kidding me? Have you not been paying ANY attention to whats been going on lately? They've been making companies provide certain info and using National Security Act crap to make it illegal for them to tell ANYONE.
Re: (Score:2)
You don't and can't, and if that's a problem for you, you don't use Gogle services. Next!
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
This is why they're pushing so hard on https for search, gmail, etc. as well as encrypting everything internally.
Re: (Score:2)
No, all Google did was protect the data against FREE access.
Remember Google's in the business of selling user information. Government access for free isn't in the business plan. So they closed the loophole that allowed it.
Now the government needs to pay for it. Like everyon
Re: Safe just from prying eyes? (Score:1)
Google's business model is based on selling data about you. They won't give users the ability to encrypt that data. And if they can see the data, so can the government.
Re: (Score:2)
With the current government (and the last couple also) the "rule of law" is dead.. not just on life support, but dead and begining to smell....
Yeah right (Score:4, Insightful)
Seriously is there anyone that would actually believe such a statement?
Re: (Score:1)
Of course. You just have to read carefully.
Re: (Score:2, Informative)
the NSA employees working for google wont...
Re: (Score:2, Interesting)
In that case, should we believe him? The answer is no. If you want to make sure your data is safe, you need to close all exploits in your code (we're just talking about the easy part here, not the social engineering). If someone says, "I'm pretty sure my code is safe" you know he's wrong, because he hasn't gone through the effort necessary to make the code secure. It's
Re: (Score:2)
They say, "we proved it."
That's the key difference.
Re: (Score:2)
Of course. It's in their own best interest to ensure governments have to pay for the data like everyone else.
Re: (Score:2)
Seriously is there anyone that would actually believe such a statement?
Yes, they are called "Cloud Users". These people are as dumb as dumb gets.
Re:Yeah right (Score:4, Interesting)
Seriously is there anyone that would actually believe such a statement?
I do, but as a Google engineer involved in security and privacy infrastructure I'm in a position with much greater than normal visibility into exactly what is done and how.
Re: (Score:2)
Seriously is there anyone that would actually believe such a statement?
I do, but as a Google engineer involved in security and privacy infrastructure I'm in a position with much greater than normal visibility into exactly what is done and how.
And can you likewise assure yourself that even if one or more of your colleagues is an undercover government agent, then the statement is still true?
Re: (Score:2)
AFAIK, they were transferring the data over _their own links_. It's not like anybody else should have had access to it. But they have fixed that now.
Just a detail missing (Score:1)
He did not mention which government.
PRISM program (Score:1)
Buffoons, do you really think that we've already forgotten PRISM? That wasn't "hacking" by GHCQ or NSA. It was cooperation with them.
Nonsense (Score:4, Insightful)
>"they revealed that Google's data is now safely protected from the prying eyes of government organizations. "
That is nonsense. The NSA could probably STILL access the information if they want to (and likely will) or Google can be compelled to reveal it with a super secret demand order, or even a regular warrant.
No information that is ever collected is ever "safe" from prying eyes. And even Google having the information is certainly nothing to be comfortable about. They have ENOUGH information about consumers already... certainly enough to be creepy.
Re: (Score:3)
The NSA could probably STILL access the information if they want to
Sure, they could resort to rubber-hose cryptanalysis, targeting key Google employees. If it were to come out, though, it would make the Snowden leaks look very, very mild. As one of said key Google employees (I work on security infrastructure), I've been given to understand that if I am ever approached in any way by the government, I am to immediately consult with Google legal counsel, and that any request that I not talk to counsel would be illegal (I think it would violate the constitutional guarantee of
Re: (Score:2)
Thanks for the thoughtful and informative response. I did opt out of most of the stuff; have location tracking off, disabled Google +, Google Play Music, Books, Magazines, Games, Video, Hangouts, etc; use Startpage for most searches, use Firefox not Chrome, have Now turned off. Only occasionally use Gmail but I love Google Maps and Play Store.
In any case, I tend to be a pessimist and skeptic about such things, especially when I have no real proof that "opting out" really does anything. It is nice to hear
Re: (Score:2)
You're welcome. I don't have any way to prove it, of course, but I can tell you that the opt outs do exactly what they say they do, as do the "delete my data" options on the dashboard. I've been somewhat involved in the latter and I know people who work on the opt outs. They take it very seriously. Google wants to offer you such a compelling value proposition, which means providing good services plus taking good care that your data is only used in appropriate ways, that you want to give your data. And if yo
this is a lie.. (Score:1)
Because he cannot even disclose his backdoor deals with the government to provide access willingly.
Also black operations methods to intercept the data via satellite and radar still exist, by observing computer and electro emissions from cables over long-range. They call this technique Van Eck Phreaking: http://en.wikipedia.org/wiki/V... [wikipedia.org]
Observe the TEMPEST emissions standards of NSA/DOD themselves, to get an idea of what signals can be remotely observed (virtually any signal can be, and they're very paranoid
Re: (Score:1)
Google should ask their engineers if they shielded their complex or not. Shielded all cables. Installed tinfoil hat, with mylar, and nu metal and an ion shield around their staffs brains. And whether or not the computers and screens are shielded. If not, all the Google data is very much still available to the NSA. lmfao.
TFA (Score:2)
The Pudding, where is the pudding ? (Score:2)
"Pretty sure"? Why should we believe this? (Score:4, Insightful)
and they revealed that Google's data is now safely protected from the prying eyes of government organizations.
Does anyone actually believe this? First off we know that all the government has to do is issue a National Security Letter [wikipedia.org] and Google will fold like a dish cloth. Eric Schmidt isn't about to go to jail to protect you. Second, he has every reason to publicly proclaim our data is "safely protected" in order to protect his business regardless of whether it is true. Third, he cannot possibly promise that even if he genuinely believes it because he can't prove it. Fourth, even if he could somehow be sure he's keeping the government snoops out, he won't provide anyone the access necessary to verify it.
There are things they could say that I would believe but him being "pretty sure" that our data is safe just isn't really credible.
Re:"Pretty sure"? Why should we believe this? (Score:5, Insightful)
I'm not a fan of Google's, but I'm not sure why people are unwilling to recognize this is a significant step in the right direction.
Before Google took the steps necessary to ensure communications between data centers was secured, the government could (and apparently did) just slurp up everything and troll for information. Now, at least they'll need some sort of court order, which means they'll need at least a modicum of an idea what they are targeting.
The entire government system is still deeply - maybe even fatally - flawed. Even if Obama's reforms actually take place, there's still far too much power left in the hands of the secret courts and the spy agencies. But fixing this horrible, unconstitutional mess will take time and effort. Correcting (or, in this case, interfering with) even one aspect of it is welcome news.
Re: (Score:3)
They say they need a court order. How do we know they havn't just issued some secret National Security Letter or FISA warrant that says 'let us sift through everything, and we'll throw you in jail if you ever tell anyone this request was made?' This assurance is better than nothing, yes - but it doesn't change the fact that if you want to be secure from prying government eyes human or automated, you just can't trust any service provider any more. The only way to be sure is to verify security at both endpoin
Time for Google to find a new home (Score:2)
Re: (Score:2)
They say they need a court order. How do we know they havn't just issued some secret National Security Letter or FISA warrant...
True, but at least they have to ask for the data now. Before they could just go digging through it.
Re: (Score:2)
True, but at least they have to ask for the data now. Before they could just go digging through it.
Who is to say they still can't. With getting all tinfoil hat about it the only thing we have is Google's word on the matter. That's pretty thin.
Re: (Score:2)
True, but at least they have to ask for the data now. Before they could just go digging through it.
Who is to say they still can't. With getting all tinfoil hat about it the only thing we have is Google's word on the matter. That's pretty thin.
Meh, I suspect that if that were their attitude they wouldn't have drawn attention to the issue at all. They were the ones who made a big deal of the government snooping their dedicated lines.
Re: (Score:2)
Meh, I suspect that if that were their attitude they wouldn't have drawn attention to the issue at all.
Sure they would. They need to assure people, particularly outside the US, that they aren't the US government's sock puppet to make their business look credible. Google has ambitions outside the US you know plus they need to present a good face to their current customers so they don't go elsewhere. Though in reality it probably isn't that simple, you can explain all their actions purely in terms of profit motive. Google is trying to do just enough rather than take the painful step of actually doing the r
Re: (Score:2)
Re: (Score:2)
I'm not a fan of Google's, but I'm not sure why people are unwilling to recognize this is a significant step in the right direction.
Because they aren't really going to bat on this. It would be one thing if this was some big surprise to them but the KNOW the government is snooping and their response has been half-hearted at best. Google has a huge war chest to fight the good fight on this. I realize they can't do some things but they aren't doing a lot of things that they can do, including lobbying HARD on this issue. Google isn't the only one. I put just as much blame on Apple and Microsoft and Facebook and the rest of the tech gia
yeah right.. (Score:2)
...unless, of course, they ask kinda nicely for it.
then we just hand it over.
3 Weeks (Score:2)
At rest, arguably...in flight, yeah right. (Score:1)
Does anyone remember that whole "trusted proxy" thing that's creeping into the HTTP 2.0 draft spec?
Is anyone else familiar with the MITM capabilities of a Blue Coat ProxySG device, and how widely deployed they are amongst ISPs?
Re: (Score:2)
The trusted proxy panic was really a scare about nothing. It's just a way to allow for HTTP(S)2 interception by a proxy which the client machine explicitly trusts and authenticates - something which is already very common practice in the corporate lan as a means of keeping the employees off of porn/facebook.
Re: (Score:1)
Your assertion about TP being a "scare about nothing" is incredibly naive...it's only valid if the end user provides informed consent. In practice, there are organizations that si
Re: (Score:2)
Without content inspection, all you have to filter on is DNS and IP. Not enough - without more information the filter will have to be either ineffectual or so overzealous as to hinder work.
right...because the easter bunny is the new admin (Score:1)
right! and we are supposed to believe that just because they're saying so? is google going to break the law to support what they're saying?
and who protects us from google?
if they are so interested in protecting their users why not encrypt every user data with a key that only the user controls?
Re: (Score:2)
Google's primary business is advertising. All the services they provide are there to service that business, either by allowing them to serve up more advertisments or by collecting data they can use to target those adverts with greater precision.
And we believe that why? (Score:2)
Sure, spying without the cooperation of Google may have gotten a bit more expensive, but that is the best-case scenario.
Gag Orders (Score:2)
While gag orders exist, we can believe nothing from an American, or a company domiciled in America, or a country beholden to America.
Sorry.
Re: Gag Orders (Score:1)
A gag order is different than compelling a company to lie. There is no evidence that has ever occurred.
Eric "you shouldn't be doing that" Schmidt (Score:3)
This would be the same Eric Schmidt who said "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place."? [huffingtonpost.com]
And now we're expected to believe him, when he says he's keeping us safe from letting anyone know what we're doing?
He killed a lot of trust with the original comment.
He just killed a whole lot more.
Re: (Score:3)
I thought the point was clear, but to attempt to make it more so:
Eric Schmidt stated if there was stuff we didn't want people to know, we shouldn't be doing it. (this was way before the Snowden leaks).
He made it a clear position - don't do anything you don't want to be made public (search back for the old discussion on here about it, as I recall he didn't come out of it well).
So now he's saying the opposite - that we can trust him with stuff we don't people to know (i.e. everything Google knows about us).
Ou
Re: (Score:2)
So now he's saying the opposite - that we can trust him with stuff we don't people to know (i.e. everything Google knows about us).
I think you're overstating what he's saying. He's saying that the government can't get access to the stuff we don't want people to know without getting an appropriate court order. That's not inconsistent with suggesting that if there's stuff you don't want people (the government) to know, then you shouldn't be doing it... because the government still can get it. They just need to be able to convince the appropriate magistrate that they have a good reason. Oh, and they have to be targeting you specifically.
The other side of the coin. (Score:2)
Now if we can just protect it from Google spying.
So its now safe for... (Score:2)
all the terrorists to communicate thru......Now all they have to do is convince the spying government terrorist of it... collect datat for a couple years then leak the hell out of it.... Then we won't have a spying problem anymore.
The only way to be safe from leaks on the internet is to not make whatever not accessible on or from the internet.
Famous last words (Score:2)
'pretty sure that information within Google is now safe from any government's prying eyes.
It doesn't work if their last round of spying got them the root password, and the backdoors planted.
They can still infiltrate the companies' datacenter employee staff with their own operatives.
And another mechanism at their disposal -- is, of course, lawful orders together with gag orders.
Safe? (Score:3)
Re: (Score:2)
So... (Score:2)
The human factor (Score:2)
I believe that Google has probably fixed most of the technical issues that allowed NSA (and presumably others) to eavesdrop on data in their systems.
But a company with the size and scope of Google must be *riddled* with agents of various national intelligence services, not to mention corporate spies. Think about how many engineers they have hired and acquired in the last ten years. They are a big, juicy target for espionage. As is Amazon, Microsoft, Dropbox, and any other global-scale cloud provider with th
Re: (Score:1)
OMG, there's code in Microsoft Windows too, called NSAKEY, letting them bypass all Windows secret features and install NSA signed software code. lmfao: http://www.washingtonsblog.com... [washingtonsblog.com]
Re: (Score:1)
Man, you almost had a fucking point, till you spouted random unrelated bigotry against Israel.
Protip: when you have an agenda, and you're trying to make a point, leave your agenda out of it until much later on. Or when it's substantiated.