patrick.net

"Google is racing to encrypt the torrents of information that flow among its data centers around the world in a bid to thwart snooping by the NSA and the intelligence agencies of foreign governments, company officials said Friday."

Sorry, not buying it. GOOG would sell your data to ANYONE for pennies, and gladly give it up for government requests. Statements otherwise are PR bullshit.

curious2 says

"Google is racing to encrypt the torrents of information that flow among its data centers around the world in a bid to thwart snooping by the NSA and the intelligence agencies of foreign governments, company officials said Friday."

That's a joke?
They are spying on you themselves and they are working with the NSA to provide backdoors....
But obviously they want you to think your data is safe on their servers.

If you want privacy you obviously can't trust a company that makes it a business of selling your information.

Heraclitusstudent says

That's a joke?

It isn't a joke. Google can't fully monetize your personal information if Booz Allen undercuts them on price, or if the NSA's next leaker gives it away free. Also, as the article notes, the reports of wholesale interception, gathering and storing the whole haystack of traffic so that it can be searched at leisure, is causing a cultural backlash. That includes both the attitudes of employees within the company, and the potential behavior of customers: if everyone encrypts all their e-mail and searches with DuckDuckGo and IxQuick, then some of Google's biggest revenue models run into difficulty.

curious2 says

"Google is racing to encrypt the torrents of information that flow among its data centers around the world in a bid to thwart snooping by the NSA and the intelligence agencies of foreign governments, company officials said Friday."

So does everyone else.. be it banks, retailers, merchants, governments, and many other entities. All this is normal best practices for many years now. This shouldnt be NEW NEWS at all.

Some of you actually believed some of the data held by merchants and banks actualy wasnt encrypted... laughable.

Part of the information that came out is that US tech companies are in bed with the NSA.

http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security
"Through these covert partnerships, the agencies have inserted secret vulnerabilities – known as backdoors or trapdoors – into commercial encryption software."

http://www.commondreams.org/headline/2013/09/07-0
"According to Thursday's reports, based on documents leaked by NSA whistleblower Edward Snowden, the NSA (as well as the GCHQ) have used "covert measures" to control and manipulate international encryption standards, largely through building "industry relationships" with many technology companies and internet service providers, which in turn deploy 'backdoor' entry points into their email, online banking, and other such online databases and introduce weaknesses into their encryption standards to the benefit of NSA surveillance."

http://www.businessweek.com/articles/2013-07-03/security-enhanced-android-nsa-edition#r=nav-fs
"Through its open-source Android project, Google has agreed to incorporate code, first developed by the agency in 2011, into future versions of its mobile operating system, which according to market researcher IDC runs on three-quarters of the smartphones shipped globally in the first quarter."

curious2 says

It isn't a joke. Google can't fully monetize your personal information if Booz Allen undercuts them on price, or if the NSA's next leaker gives it away free.

BS. Google milks its position in the market which no one else has. Obviously the NSA is not a competitor, and leakers are not competitors. Besides leakers don't leak personal information.
The only thing Google cares about is that people think their information is safe. Which it isn't.

Heraclitusstudent says

leakers are not competitors.

You seem to be defining "leakers" to mean only Edward Snowden. What makes you think information has never leaked out of NSA any other way, and never will? Once NSA has GOOG's data, do you imagine that NSA is totally secure and nobody leaks anything to competitors?

Heraclitusstudent says

Besides leakers don't leak personal information.

Again you seem to be defining "leakers" to mean only the most recent famous example, which is a surprising lack of perspective considering your username. Even the Wikileaks data from Pfc Manning included information about specific persons. What assurance do you have that other leaks don't include personal information? If I may observe something, you seem more interested in saying something angry about GOOG than in addressing the issue at hand.

Rather than digress into your feelings about GOOG, larger concerns raised by Bruce Schneier seem more relevant to the thread.

anonymous says

Or is there a different set of rules for the public and another for business?

Yes, there are rules that cover 'the safeguarding" of consumer data.

Why wouldnt there be ?

As for corporate communications, they all use standard tools you and I use ... Microsoft email server. does your ISP provide equal data protection as would a corporate IT department ? Yes they do.

nothing evil, just common sense... as for Journalist.. probably the worst people who could ever try
to understand or explain overall business and more over the technology industry.

curious2 says

Once NSA has GOOG's data, do you imagine that NSA is totally secure and nobody leaks anything to competitors?

more secure than Google ? more likely yes!

since it only captures inbound data and does not release any information. while google turns around and allows access to users of outbound data. By its own Google is the Niagara Falls of leaking data.

Ask yourself this.. who does Google sell the data to ? Can anyone just call up and pay a fee for access to their data.. Does Google check the background of their paying customers. More over are not Google customers actually many foreign entities ? Its all obvious!

anonymous says

ExxonMobil and American Power the author covered some of the elaborate methods they used to ensure privacy of the Corporate Officers and communications yet they still send emails. The company I retired from had similar procedures. Wouldn't the NSA be able to intercept and decipher these as well?

Why would any US company care about NSA spying? Clearly they are not in business to penalize US companies.

You can bet foreign companies competing with US counterparts must be sweating bullets right now and seriously thinking about developing their own cryptography/firewalls etc...

APOCALYPSEFUCK is Comptroller says

Here's the fucking question everyone's got to ask: are the Certificate Authorities' private keys, the root keys each uses to create every certificate used for establishing a crypto channel on the Intenet, *all* in the hands of the fucking NSA?

VeriSign Hacked, Successfully and Repeatedly, in 2010
www.schneier.com/blog/archives/2012/02/verisign_hacked.html‎
Feb 3, 2012 - When certificate authorities get hacked, and certificates issued, your client may automatically trust MITM SSL connections from these devices.

Heraclitusstudent says

You can bet foreign companies competing with US counterparts must be sweating bullets right now and seriously thinking about developing their own cryptography/firewalls etc...

firewalls and hacks by the Chinese intel agengies.. back doors ?

the NSA is NOT the problem...

CHINA TECH COMPANY BRAGS: WE HACKED U.S. TELECOMS
Electronic 'backdoor' could let outsiders sabotage U.S. systems, sites
Published: 06/14/2012 at 8:39 PM

WASHINGTON – A major Chinese telecommunications company has been boasting how it was able to hack into U.S. and international telecommunications networks and intercept what it suggested was “malicious” data.

The claim was made at a conference held in Dubai in February by officials with the Chinese firm Huawei Technologies Co. Ltd., and left specialists who attended the seminar alarmed.

They told WND that’s because while Huawei may consider the data “malicious,” the act of intercepting and extracting data means the Chinese company also could steal sensitive information or even alter the function of computer systems where the company’s products are installed.

curious2 says

you seem more interested in saying something angry about GOOG than in addressing the issue at hand.

I answered a comment you made about Google because the information we got proved they have absolutely zero credibility. And this lack of credibility is part of the issue at hand. The interview you linked talked about it.

As for leakers, I just don't believe they want or can capture private information of hundreds of millions of people, like Google or the NSA does, let alone use it to compete with Google or something of the kind. This is not a realistic suggestion.

Funny how not a word over the Chinese hacking across the globe into 2012...

not much was written by the mainstream (lefty) media...

than BOOM... Snowden and all hell break open ... now it seems the Chinese

hacking doesnt even exist anymore... its all about the NSA.

Security backdoor found in China-made US military chip

Cambridge University researchers find that a microprocessor used by the US military but made in China contains secret remote access capability UPDATED

http://www.information-age.com/technology/security/2105468/security-backdoor-found-in-china-made-us-military-chip

A microchip used by the US military and manufactured in China contains a secret "backdoor" that means it can be shut off or reprogrammed without the user knowing, according to researchers at Cambridge University's Computing Laboratory

Heraclitusstudent says

I just don't believe they want or can capture private information of hundreds of millions of people, like Google or the NSA does, let alone use it to compete with Google or something of the kind. This is not a realistic suggestion.

Your comment puzzles me. If NSA can get secret back doors installed in companies' software, why can't anyone get secret back doors installed in NSA's software? Why do you imagine the data can flow in only one direction, and without ever being copied en route? In any event, competitors' potential interest in GOOG's data could include a broader range of uses than merely competing on a day-to-day basis; for example, it might be useful to know GOOG's search algorithms and product release schedule, or if any senior executives are searching for information about end of life care.

thomaswong.1986 says

the NSA is NOT the problem...

CHINA TECH COMPANY BRAGS: WE HACKED U.S. TELECOMS

Yes and the US gov has publicly complained about China's practices.
Now it comes up that not only they are doing the same, but they are doing it on a scale that is just mind boggling. They are not targeting anything like the chinese are - they just capture everything.

These actions clearly make a mockery of the 4th amendment.

The US gov is clearly acting like the lowest of police state.
If Americans are not bothered by that, then, I guess, what's next?

Heraclitusstudent says

They are not targeting anything like the chinese are - they just capture everything.

I suggest you look at the Ethernet modem or Router you have connected to your PC..

Does it say "made in China" ?

They dont care if your American citizen or what Constitutional Amendment
you can recite.. they can cause massive economic chaos with their back door access.

The fact is the Chinese are capturing far more data GLOBALLY than you are willing to accept.

Heraclitusstudent says

The US gov is clearly acting like the lowest of police state.

If Americans are not bothered by that, then, I guess, what's next?

A police state like China ? The NSA actions are akin to counter espionage. Their actions is to stop the bad guys, be it Chinese hackers, drug smugglers, and international terrorists.

Im pleased with NSA actions.. hope they do well.

curious2 says

Your comment puzzles me. If NSA can get secret back doors installed in companies' software, why can't companies get secret back doors installed into NSA's software? Why do you imagine the data can flow in only one direction? In any event, competitors' interest in GOOG's data could go far beyond operating a competing business, it might also include advance information about acquisitions, strategy, etc.

Yes I'm sure Google will try to ensure that only the NSA can access their backdoor. Was that your point? That's not particularly reassuring.

Backdoors in NSA software? You mean would the NSA willingly give access to private companies into their databases? These guys deal in secrecy. They don't let information go where other countries could spy it. So I think this is unlikely. They probably give competitive information about non US companies. (and foreign countries are likely doing the same).

Heraclitusstudent says

Was that your point?

No, you seem to have misinterpreted it completely.

Heraclitusstudent says

You mean would the NSA willingly give access to private companies into their databases?

You seem to be shifting between NSA as a single entity, leakers within the NSA, and possibly other countries. You're obviously somewhat familiar with the Edward Snowden story, so you are probably aware that he worked for private contractors for the NSA. 70% of the NSA budget goes to private contractors. The whole is obviously more porous than some people understood previously, e.g. "the NSA" (which you write of as if it were one individual with a will of its own, rather than an agency full of many people with independent wills of their own).

thomaswong.1986 says

APOCALYPSEFUCK is Comptroller says

Here's the fucking question everyone's got to ask: are the Certificate Authorities' private keys, the root keys each uses to create every certificate used for establishing a crypto channel on the Intenet, *all* in the hands of the fucking NSA?

VeriSign Hacked, Successfully and Repeatedly, in 2010

www.schneier.com/blog/archives/2012/02/verisign_hacked.html‎

Feb 3, 2012 - When certificate authorities get hacked, and certificates issued, your client may automatically trust MITM SSL connections from these devices.

After what we heard, I'm pretty sure the NSA has certificate authorities private keys. And that means they can pretend to be your bank or whoever.

As far as other hacking are concerned, there are revocation lists.

c2 is an expert in backdoor access

I'm just kiddin, continue the debate, please

Heraclitusstudent says

They probably give competitive information about non US companies. (and foreign countries are likely doing the same).

washing machines.! thats it.. how about which cola i drink.. Coke or Pepsi...

Heraclitusstudent says

After what we heard, I'm pretty sure the NSA has certificate authorities private keys. And that means they can pretend to be your bank or whoever.

Them BIG claims ... few if any can deliver.

curious2 says

70% of the NSA budget goes to private contractors.

tech moves fast.. far too fast for Govt to handle.. there are not that many, and certainly not many at all in Govt payroll to handle all this... who else is gonna build and run the servers but the likes of experts from HP, Dell, Microsoft and other firms ?

APOCALYPSEFUCK is Comptroller says

What the use if the root certificate is compromised?

Revoking ALL the certs it issued is a solution but not one that would leave the CA standing.

But was it really compromised by hackers? If so they should indeed go out of business.
I guess they don't consider NSA having it as 'compromized'.

Bap33 says

I'm just kiddin

No, your obsession is showing - yet again.

A silver lining of NSA leaking personal information might be if they finally drag Bop69 out of the closet by leaking his browsing metadata. Fap33, instead of fapping endlessly over your obsession, just go out and get some.