[LINK] Crikey: 'Google a 'honeypot' for authoritarian governments'
Roger Clarke
Roger.Clarke at xamax.com.au
Thu Jan 14 15:02:44 AEDT 2010
At 14:41 +1100 14/1/10, Geordie Guy wrote:
>*sigh*
>I'd like to encourage privacy advocates to openly discuss concerns
>about companies such as this within the privacy community, and
>further encourage those who provide expertise to the media to
>consider the wider opinions. Particularly those whose expertise are
>grounded in specific areas who are invited to speak on areas wider
>than their expertise.
Could you be a tad more specific, Geordie?
Thanks.
The comments provided to the reporter are below.
P.S. I hereby give you permission to pass these comments on to
Google via your gmail account
______________________________________________________________________
Musings on the Google and China Story
The only statements that I've seen refer to:
- "a recent cyber attack against the Gmail accounts of human rights
activists.
- "a vast cyber attack, including an attempt to hack the Gmail
accounts of Chinese human rights activists
- "security and human rights implications".
Plus it appears that Google is prepared to abandon its 1/3rd
market-share in China if this piece of sabre-rattling doesn't force
the Chinese government to back off.
So there's very little hard information available, and it's necessary
to interpolate.
Speculation:
The hacks may have been directed at Google's own archive, which would
be much more valuable than "the Gmail accounts of Chinese human
rights activists".
Reasoning:
Google has accumulated vast holdings on people.
That doesn't just apply to Gmail users.
And it doesn't just apply to people with Google accounts.
It's got all of your search-terms.
And it's got what you clicked on while you've been on Google pages.
It's got a list of prettymuch every ad you ever clicked on.
It's got any emails that you sent to Gmail users.
It's got what people sent to you from Gmail accounts.
It's got the correspondence that you exchanged with people who,
unbeknowns to you, flush all of their mail from other accounts
through Gmail.
It's got every posting that you've sent, since about 2004, to every
email-list that you're on (because at least one person on every list
uses Gmail).
All of that data is directly related to you because of the
email-addresses, IP-addresses and personal names contained in all of
that traffic.
That's reinforced by its use of your email-address as your loginid
for Google services, and a suite of cookies that are common across
all services.
(If you're a Google addict, it may also have every location that you
ever typed into Google Maps, and every Streetview you ever displayed.
And you may have even gifted it your photo collection, and a copy of
your own disk-files. See
http://en.wikipedia.org/wiki/List_of_Google_products).
Less reliably, it's also got what people said about you that got into
the Gmail system. (But that's a lot less reliable, because some of
it only contains names, and is much harder to match with your own
email-traffic).
So Google is in a position to mine from its holdings:
- your online behaviour
- your economic and social interests
- your political views
- your network of contacts
- your close associates
An authoritarian government would like to be able to do that too.
So it would be no surprise whatsoever if the Chinese Government
sought access to the Google archive and its internal search
capabilities.
They might try to do it with Google's agreement, or otherwise.
In fact, it would be a big surprise if it didn't.
Paper:
Clarke R. (2006) 'Google's Gauntlets' Computer Law & Security Report
22, 4 (July-August 2006) 287-297, PrePrint at
http://www.rogerclarke.com/II/Gurgle0604.html#Priv
Presentation slide-set:
Clarke R. (2005-07) 'Big Brother Google ', text at
http://www.rogerclarke.com/DV/Googacy-070919.html
Slide-set at http://www.rogerclarke.com/DV/Googacy-070919.ppt (4MB)
--
Roger Clarke http://www.rogerclarke.com/
Xamax Consultancy Pty Ltd 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au http://www.xamax.com.au/
Visiting Professor in the Cyberspace Law & Policy Centre Uni of NSW
Visiting Professor in Computer Science Australian National University
More information about the Link
mailing list