Google becoming to big or possibly evil?

[CntdwnToExtn]

They haven't deleted the data because they are facing lawsuits in some countries.
Although I condemn Google for all this situation I also agree with soulphire. How can people be so stupid and have their network unprotected? This is what I call natural selection, theory of evolution, survival of the strongest, in this case the smartest.

Why do they have to be 'stupid'?
Am I stupid then for having a 'hotspot' open here at work? It's for visitor access and employee use at break for cell phones, netbooks, laptops, etc.
What about bars/coffee shops/McDonalds and other places that have these spots open?

The point is that Google harvested this information.
I can connect to the hotspot here at work and collect zero information (except for a NetBIOS name or something). I just don't accidentally harvest passwords, websites and other information.

And going by 'having their network unprotected' wouldn't this mean everyone should be using a VPN for their wire connection? Simple sniffers can pick up all kinds of data. Heck, you can sniff a Cable network and get everyone on the block. Are these people stupid for not using a VPN?

 

[C0RR0SIVE]

It is actually illegal to use any ones internet connection, secured or not secured, in a lot of places in the states, and in other countries anymore, you get caught, well... It isn't a pretty thing.

 

[farinha]

First of all I said that I condemn Google for this situation... and the excuse that it was an accident it's very hard to believe.

What I mean is, encrypting your wireless network is one of the most basic things on a network. Of course it's not stupid to provide an hotspot so your clients can access the network while they're waiting or wan to consult something on the web but it is stupid to use "sensitive" information on it, like passwords, credit card numbers, etc. If you do don't be surprised if someone is sniffing the network and seeing everything your doing, including passwords.

Unless you have access to the network infrastructures, routers and switchs, a wired network is harder to sniff. Regarding the Cable network you talked about, that's why I have ADSL...

 

[CntdwnToExtn]

Well I don't believe it's "stupid" per-say, more or less people simply not educated about it.
Encrypting might be a basic thing for you and I, but I guarantee it's not for the average user, let alone even thought about.
I have 100% confidence connecting to sites and entering user names and passwords over an open hotspot, so long as HTTPS is used. But once again, are users educated about HTTPS?

And yes, wired networks are a bit harder to see the traffic, but it only takes one disgruntled user and a few words typed into a search engine to know what a sniffer is.


I just find calling the user 'stupid' is a bit harsh when there are a lot of other factors involved.

 

[S0ULphIRE]

In Canada you can not connect to someone's wireless without their permission.

So if your door to your house was unlocked, I could go in?

And you don't have to connect to someone's wireless to grab data off the network. You can passively do it, which from what I can gather is what google was doing.

If the door to my house is unlocked, going in would be actively entering my property (network) and would be illegal. It's more like if I left my window open and you were standing in the street with a microphone/recorder. If I didn't want you to hear what I was talking about or what was going on in the house, it's my fault for not making sure nobody could hear this sensitive stuff before blurting it out.


By no means do I believe google when they say it was 'an accident' (like, rofl anyone?)

 

[KSoD]

I have never seen or heard of anyone being able to get user account information or passwords just by connecting to their network. I have connected to WiFi networks are places like Tim Hortons and McDonalds and i never was able to obtain this information passively. So there had to of being something going on for them to be able to get this information. Cause if it was so easy to do, then people would be going to these places and obtaining this information from others using such a service and abusing it and creating more of an Identity Theft problem than there already is.

Plus add into that, if it was so easily done and could be done so passively, i am sure that people would be throwing a fit to places like Tim Hortons, McDonalds, Border and so on that offer this service and it would be shut down. No place would be offering such services if this information can be obtained so easily just by connecting to the network.

I can say that I sorted agree with the assessment that not protecting your home network with security is silly. I wont say stupid cause that isnt the proper term. I say silly cause i know i always suggest to people when i sell them a WiFi router to use WPA2 protection. But at the same time, this whole technology thing is new to people and they dont understand it. So they dont protect themselves. Is it right? By no means. Should they take the time to learn? Of course. But we all know that people take the easiest route to the solution. I fully engage my customers and let them know how to do it. I provide them with written instructions if needed. I write it down on a sheet of paper with them standing there and they have called me back at work asking more questions. I gladly answer them as well.

So yeah it is bad that people are not taking the proper steps cause anyone who knows how can be doing what has already been done by Google. It could also lead to other problems. My main issue is that Google is a big name. They are a huge company now and they should respect these peoples unsecure networks. For all they know, they could be their "customers" that use their services. It doesnt look good on a company when they are doing such things to people that are their customers. As i highly doubt that all of the people whose networks they used are not part of Google in some way.

 

[S0ULphIRE]

Trust me it's very possible.

read here if you want more info: http://patrickgarbin.com/GradPaper.pdf

Eavesdropping is another type of passive attack on networks. “We might say that an attacker (or a system administrator) is eavesdropping by monitoring all traffic passing through a node” [9]. This attacker or administrator might have a legitimate purpose in eavesdropping or may be communicating with inappropriate parties. Because the majority of network communications occur in “cleartext” or unsecured format, attackers can gain access to data paths within a network and “eavesdrop” or interpret the traffic. One of the biggest security problems faced by administrators is the ability of eavesdroppers to monitor networks. “Without strong encryption services that are based on cryptography, your data can be read by others as it traverses the network” [5].

 

[KSoD]

I know it is possible. But you have to use specific programs in order to do this. Such as hacking tools. Which then leads to questions of why Google is using such things when they are taking pictures for their Street Views? Why would they need such programs for their street view car?

I fully know that it can be done. But why it is being done is what remains to be answered. Google is the not Administrator of the networks that they are "borrowing" nor are they attackers, or so i would seriously hope. Which then leads directly back to the things i said above. They shouldnt ever have a reason to use such tools while driving around. What good is it to them what people are doing on their networks? They have enough tools to monitor how many hits they are getting, they shouldnt have a need or a want to obtain such information.

I know that the question presented will never be answered. But seriously it is something that make people wonder about Google. No one would be happy if such actions were taken on by Apple, Microsoft, *NIX or any other company, so why is it that when news breaks that Google is doing it all we get is some people saying that it is the users fault for not protecting their networks instead of asking why Google is doing it in the first place? People got seriously upset when rumors broke about Windows and the WGA program. There was rumors that it was used to spy on users, how fast did that turn ugly even after Microsoft made an official annoucement on what the WGA program really was used for and what information it truly collected. Some people believe this so much that they dumped Windows completely.

 

[S0ULphIRE]

I know it is possible. But you have to use specific programs in order to do this. Such as hacking tools. Which then leads to questions of why Google is using such things when they are taking pictures for their Street Views? Why would they need such programs for their street view car.

One of their people wrote a custom program which "sampled all categories of publicly broadcast WIFI data". That is NOT hacking, not technically and not any other way either

The data they gathered can be used for a whole host of things that'd be useful for a search company. So there's no question about why they'd do it.

Oh, and another thing. The data they collected was most likely disjointed/incomplete from a security point of view. They got passwords! oh noes! Well guess what, I'd stake a lot of money that all or nearly all of those passwords will be useless.

Once again it's scaremongering from the media blowing **** out of proportion on an technically-uneducated public. Google INVADED your PRIVACY and STOLE your passwords! GOOGLE'S IN UR DOMAINZ STEELIN UR EMAILZ!!

...or not.

Is it hurting their image? Definitely. Is it in any way illegal? **** no.

 

[CntdwnToExtn]

One of their people wrote a custom program which "sampled all categories of publicly broadcast WIFI data". That is NOT hacking, not technically and not any other way either

The data they gathered can be used for a whole host of things that'd be useful for a search company. So there's no question about why they'd do it.

Oh, and another thing. The data they collected was most likely disjointed/incomplete from a security point of view. They got passwords! oh noes! Well guess what, I'd stake a lot of money that all or nearly all of those passwords will be useless.

Once again it's scaremongering from the media blowing **** out of proportion on an technically-uneducated public. Google INVADED your PRIVACY and STOLE your passwords! GOOGLE'S IN UR DOMAINZ STEELIN UR EMAILZ!!

...or not.

Is it hurting their image? Definitely. Is it in any way illegal? **** no.

Ya, and if I do a port scan, I'm just "sampling the ports" to eh. Nice twist of words.
They wrote a program to get information about networks, it's a hacking tool. Might not be a cracking tool, but it's definitively a hacking tool and now, no doubt classed under sniffers because it was able to see network traffic. Actively or Passively.

There is no doubt the media is trying to take hold of this. However this is still an issue because you don't expect a company of that stature to be collecting information this way. The way they did was how a Wardriving, unethical, loner cracker tries to get information.
They KNEW if they would have disclosed at the time they started doing Street View they would also be "sampling catagories..." they would have created a stir.


And regarding your last sentence of being illegal. In Aussie, I guess it isn't. But here in Canada is a totally different story.