[LINK] Crikey: 'Google a 'honeypot' for authoritarian governments'

Roger Clarke Roger.Clarke at xamax.com.au
Thu Jan 14 17:27:15 AEDT 2010 

As far as I can see, the point of difference on a technical matter is here:

At 15:50 +1100 14/1/10, Geordie Guy wrote:
>There is no system at Google where someone can type my Google 
>username and bring up a comprehensive dossier of me.  ...

(1)  That may or may not be the case.  I don't think I made the
      assertion, or even assumption, that you ascribe to me

(2)  Do you have knowledge to support your assertion?
      Or are you speculating, as I said I was?


>  ... The information you describe is in separate indexes for 
>separate purposes ...

Same comments and questions as above.

Given that Google Inc's business operations are predicated on gaining 
revenue from efficient targeting of ads, why do you posit "separate 
purposes"?

And are you factoring in Google Inc's strategy, declared in 2005, 
that "We are moving to a Google that knows more about you"?

I've made the assumption that Google Inc's internal applications of 
IT are aligned with corporate strategy.  (It's a tenet of Strategic 
IS Theory.  I acknowledge it may be a faulty tenet, and that Google 
may not abide by it;  but at least I'm being fairly orthodox in 
making the assumption).


>  ... and the vast majority of them, if not all of them, are not 
>readable by humans but rather feed data directly to other systems.

Same comments and questions as above.

In addition, however, I've made the assumption that Google applies a 
mix of longstanding MIS, DSS, ES and data matching theory and 
practice, plus modern variants and new departures, incl. 
identity-equivalence inferencing and data mining.

Are you suggesting that Google's systems:
-   preclude views of the various data-holdings as an integrated whole?
-   preclude such views being "readable by humans"?

Note that I didn't intend to convey that Google employees spend much 
time doing such things (and it's my error if what I wrote can be read 
that way).

I was intending to convey that the data-holdings are capable of being 
accessed in that manner, including by anyone who is permitted access 
(e.g. the FBI), and by anyone who hacks their way in.

Note that I acknowledged that Google probably knows a lot about security.

I cheerfully accept that my system would be easier to hack than theirs.

But note that they have a honey-pot, which I don't.  So the effort 
and money that a rational hacker would invest in cracking them is 
exponentially larger than what the rational hacker would invest in 
cracking me.


[Hey, this is fun!]


-- 
Roger Clarke                                 http://www.rogerclarke.com/

Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA
                    Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au                http://www.xamax.com.au/

Visiting Professor in the Cyberspace Law & Policy Centre      Uni of NSW
Visiting Professor in Computer Science    Australian National University

More information about the Link mailing list