Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment Re:Outrage (Score 1) 230

Either way, it's impossible to argue the data collection was accidental. You don't send a van out running software without having RTFM and testing it out in some trial runs.

Not impossible at all. Kismet provides data in various different formats. And even then, if what you're doing is extracting particular pieces of data from the traffic capture but not paying much attention to everything else, it isn't unreasonable to not really notice what else you've captured.

I used to occasionally run Kismet during my commute. I was curious about what access points I could see during my route and what state of configuration they were in (with the expectation to scoff at all the default unsecured - actually surprised that those numbers had fallen out in the real world). After doing this for a few months, I was going back through my directory to clean up. Just for giggles I decided to actually look at the caps I had collected and see if there was anything interesting in the packet payloads. Most of it was junk; driving around isn't a particularly good way to snoop on a network. But I did find one email password from a slice of captured POP traffic. So I did end up with someone's sensitive data sitting on my drive for possibly several months despite the fact that I wasn't particularly interested in it or being aware of it.

I suspect this is more or less what happened with Google. Scanning through the Google van captures might have turned up nothing. But Google was doing this on a larger scale so the odds were in the favor of something turning up due to the sheer amount of unsecured traffic out there.

Comment Re:Outrage (Score 1) 230

Not if your discussion is being done via bullhorn.

Bullhorns imply you want your words heard by many people. The WiFi equivalent of a bullhorn would be either a signal booster or a publicly advertised network (like at a coffee shop).

It's possible to eavesdrop on conversations in your house from miles away, no bullhorn required. But people reasonably don't expect this to happen. The same is true for their WiFi signals. People reasonably don't expect a company going around and logging their information like this.

The problem is that we have people using bullhorns to communicate and don't realize the implications of doing so. Then they're all shocked when people can hear what they're saying just by listening.

I'm not terribly outraged by this, although I do think Google knowingly went well beyond what is reasonable. I mostly find the nerd hypocrisy here to be ridiculous.

Apple gets called "evil" and thoroughly trashed here for *not* recording people's, or even any particular device's, locations, but Google gets a pass for *actually* treading on this territory (definitely logging the location of devices), and even logging actual network traffic!

I expect I'd be upset if I thought Google was actually logging the data in the sense of trying to catalog and use it. The fault that I lay at Google's feet is to not have realized the potential sensitivity of what they were collecting and done proper cleanup afterwards. As for Apple.... unless I'm missing something, Apple was not doing the exact same thing as Google was. The method and intent is likely as important as the resulting data. And so to decode the "nerd hypocrisy", you probably have to go in to the details.

Comment Re:Outrage (Score 1) 230

OK, let me rephrase. If this tool does something you want, but also does things you don't want, then it may not be the right tool for the job. (A hammer will kill pesky houseflies, but it will also leave holes in your walls.) Try it like this:

The tool is perfectly suitable for what they need. The problem is that they didn't scrub the data they collected and then destroyed everything else collected.

The TSA wants to collect information about each passenger (whether or not they are carrying prohibited items). They have a tool that collects that information, but also collects information that the TSA doesn't need, but that has potential to upset people (images of their privates). If the TSA goes forward with using that tool, they can expect blowback. It might be a great tool for collecting the desired information, but that by-product causes problems - perhaps enough problems that it's worth finding a different tool.

If I'm walking past a security camera in a public location and it gets pictures of me naked because I'm wearing no clothes, I have little reason to be upset about my nudity being captured. What the TSA is currently doing is taking steps to expose me beyond what I've chosen to expose in public. The problem here is that there's a large population who think they're wearing the finest new Emporer fashion and don't like the idea that they've been naked all along.

This isn't so much a technical problem as a management problem. I don't think it's intentional or malicious, but it might qualify as dumb. The snark comes in when you've got an ex-CIO pooh-poohing project management at the same time that Google is having a really hard time putting this one to bed.

I don't have much say on the management issue but I'd imagine if I'm a big believer in PM processes, this would irk me. As I noted, I think the real problem here is that Google didn't properly handle the data. Either the people running the project or some layer of management should have realized the potential of the data they were collecting and ensuring it was handled more appropriately.

Comment Re:Outrage (Score 1) 230

So, if you go out and shoot a rabbit and eat it for dinner, you have done nothing wrong. If Hasenpfeffer Incorporated sends trucks around the nation to systematically shoot every single rabbit in the country so that they can sell the meat, then we have a problem.

But the analogy only works in so far as there are a limited number of rabbits to be had and hunting on a systematically large scale depletes the populations. Meanwhile, systematic capturing of broadcasted, unencrypted network traffic does not decrease the availability of that traffic (although if it did - it'd probably be a Good Thing... security awareness).

The analogy would be different if having a large amount of rabbit from various locations easily accessable would be an issue.

Given Google's history, and the fact that no one has tried to do what they are doing before, I would be likely to give them the benefit of the doubt that they did not intend to be evil by collecting more data than they should have. The ignorance excuse does not extend forward though. If in six months, it comes out that they still gathering that kind of data, they don't get to claim ignorance.

I think the real issue here isn't that Google was able to record this information (any wifi device does this as the most basic level). The problem is that Google didn't realize the significance of the junk traffic and systematically scrub / destroy it (where wifi devices differ is comitting data to long-term storage). It appears that Google won't continue that particular behavior.

Comment Re:Outrage (Score 1) 230

C'mon, how do you write a program to log all MAC addresses, and not realize that it's going to collect all MAC addresses? Do you think they just talk to their vans and there was some sort of ambiguity? Like they said, "Google Van, please record MAC addresses and GPS coordinates", and it just interpreted it wrong because they were unclear?

You don't write your own software. You use a common off-the-shelf app that provides a data dump with everything you need. It's called Kismet. You should take a look at it.

Comment Re:Outrage (Score 1) 230

I've used Kismet to do site surveys before. By default, it's dumping packets for anything it can find. I could probably go through my laptop and find old caps with fragments of data from neighboring networks that had nothing to do with the entity that I was surveying. With that in mind, it's not particularly shocking that Google has done something similar. But do keep trying to push this as an intentional, malicious, or at least "dumb" act. Because everyone likes ignorance if it's packaged in snark.

Comment Re:Outrage (Score 1) 230

Plus, the notion that a company can collect data “accidentally” is laughable, especially considering the process in which it was acquired.

So what you're saying is that you've never used off-the-shelf software to do something and you have absolutely no experience using Kismet.

Comment Re:Adsense (Score 3, Interesting) 143

Some people use quotation marks for paraphrased quotes.

Right. And some people don't know what they're talking about and like to put words in other people's mouths. If you're going to quote someone, quote them.

What was actually said in the oft-misquoted Schmidt interview:

"I think judgment matters. If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place, but if you really need that kind of privacy, the reality is that search engines including Google do retain this information for some time, and it’s important to remember, for example, that we are all subject in the United States to the Patriot Act. It is possible that that information could be made available to the authorities." -- Eric Schmidt

Note that isn't a paraphrase. That's a real, gen-u-ine quote. I don't agree with him that the desire to maintain privacy is any way linked to whether I should or should not be doing something. But what I find even more interesting is that in the same breath, we're being warned about the Patriot Act. We're being told without actually being told (because that would be illegal) that Google is being served with Patriot Act requests. Nobody ever seems to key on that though.

Back on topic - nowhere does Schmidt say that privacy isn't important. I understand and share the concern over how much data and meta-data Google has access to. I'm even more concerned over the possibility of Google changing hands or Government access to data (i.e. Patriot Act). But let's limit criticism and concerns to real issues. The real issues are enough without making crap up.

Unless, of course, making crap up is part of a larger agenda.

Comment Re:Adsense (Score 4, Insightful) 143

I thought it was more interesting when you did this post the first time. But I guess you can now copy and paste this in to anything Google related from here on out, right?

Now I'm wondering. Where does this copy-and-paste come from? When has an agent of Google said "privacy is not important"? And when does Google+, a "social network" service that not only features but stresses limiting communications to user-customizable groups and therefore controlling how public any given communications are, represent an example of privacy not being important?

Privacy

TSA Announces Pilot of Trusted Traveler Program 388

Bob the Super Hamste writes "CNN reports that the TSA has announced the pilot of their trusted traveler program. This is the program where an individual gives up additional information to the government and then gets expedited security. The pilot program will only be available to certain frequent fliers on Delta passengers flying out of Atlanta and Detroit, and to American Airlines passengers flying out of Miami and Dallas. Plans are in the work to expand this to other airports and other airlines as well."

Comment Re:Should have continued to withhold. (Score 1) 307

And a traitor. Don't forget that part.

Here's the rub. If we assume that the logs are accurate, Manning seems to feel that he's really uncovered an amazing amount of corruption. Revealing such a thing would not be treason. It would, in fact, be a very heroic thing to do.

My take on it is that he didn't deliver what he thought he had. And if anything, we was an emotionally compromised individual who's clueless actions will have negative impact on people's lives... none the least of which includes his own. That makes him more fool than traitor.

Keep in mind that mistakes are made. Unfortunately, in the military those mistakes tend to cost lives. We don't accuse treason against those who're involved in friendly fire incidents where there is no evidence of intent to kill friendlies (though we may accuse them of negligence if appropriate).

Comment Re:Facts: Lets be clear on some facts here (Score 1) 307

Actually, the full version of the helicopter video was released at the same time.

Which is actually a rather wonderful bit of bait-and-switch. The basic focus of the video is intact - the horrific deaths of a news media crew. But there's some background that gets edited out. Instead, what is always linked to is the edited and editorialized version.

Slashdot Top Deals

"Lead us in a few words of silent prayer." -- Bill Peterson, former Houston Oiler football coach

Working...