[LINK] Crikey: 'Google a 'honeypot' for authoritarian governments'
Roger Clarke
Roger.Clarke at xamax.com.au
Thu Jan 14 19:20:49 AEDT 2010
At 18:26 +1100 14/1/10, Geordie Guy wrote:
>... The overall thrust of the article is that the attack on Google
>was not to achieve knowledge of the conversations of human rights
>activists, but more likely that Google has a near-exhaustive
>database of personal information that makes them target zero for any
>hackers and that was the motivation. ...
Qualify the whole with 'speculation that', and that's close enough to
what I meant.
>In order for that thrust to exist, Google must have not only the
>personal information we all accept they have, but for it to be
>comprehensible in any way other than streams of machine-readable
>data going from one system that collects it to another system that
>profitably uses it (highly doubtful or even impossible). ...
>Example:
>System A contains [data] partially encrypted and I don't know which
>columns in the database mean what. ...
>System B ... an internal description of distances between cameras
>and grid references in the mall and I don't have any meaningful way
>of interpreting it.
I was using the term 'view' in the CODASYL sense. By about 1972, it
was conventional to gain access to data-files by means of
code-libraries. As DBMS emerged, and as data dictionaries matured
into IRDS, apps became quite easy compared with the early years.
An amateur cracker who gets inside and says 'golly, I made it' might
well see a mass of bits much like sci-fi films depict the matrix.
But a professional cracker who's seriously inside can acquire the
necessary privileges, and invoke pre-written applications software,
and utilise available libraries and utilities.
>>>Note that I didn't intend to convey that Google employees spend
>>>much time doing such things (and it's my error if what I wrote can
>>>be read that way).
>No. I can't think of a jurisdiction where it'd be legal.
Um, Arkansas? India? (Arkansas is the data haven in which Acxiom is
understood to have its database. The significance of India is
probably apparent enough).
Apart from which, what's data protection law got to do with it? It's
unenforced, and in most countries that have it, unenforceable.
But, agreed, that's a side-show in the present discussion.
>It is now my nicotine withdrawl has gone away thanks to these mint things...
Commiserations. But it explains the smoking gun (:-)}
--
Roger Clarke http://www.rogerclarke.com/
Xamax Consultancy Pty Ltd 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au http://www.xamax.com.au/
Visiting Professor in the Cyberspace Law & Policy Centre Uni of NSW
Visiting Professor in Computer Science Australian National University
More information about the Link
mailing list