[LINK] Google wifi collection: WiSpy
Jan Whitaker
jwhit at janwhitaker.com
Mon Jun 14 12:39:24 AEST 2010
Google CEO blames 'WiSpy' fiasco on rogue hacker-employee
http://www.itworld.com/print/110114
June 5, 2010
In an interview with the Financial Times this
week, Google CEO Eric Schmidt blamed the whole
"WiSpy" fiasco on a single, rogue employee operating outside company rules.
Google is being investigated in multiple
countries for using its Street View cars to
harvest personal data from every home and
business Wi-Fi network the cars drove past.
Schmidt
<http://www.ft.com/cms/s/2/bdec0ee8-6f4f-11df-9f43-00144feabdc0.html>said
that an internal software engineer violated
company policy by inserting code into the Street
View software that was undetected by anyone else
at the company. He said Google is investigating the employee.
Unless I'm misreading Schmidt, he's implying that
a Google software developer created software that
secretly piggybacked on legitimate Google
equipment to wardrive the world, hijacking
hundreds or thousands of Google Street View cars
in dozens of countries over at least three years.
Does that sound far-fetched to you?
First of all, the Street View cars would need
equipment for seeking out Wi-Fi networks and
harvesting and decoding available data. Google
must have had some official purpose for this
equipment. Did the company intent to capture MAC
addresses only, and associate those addresses
with GPS coordinates for later location-oriented
services? If not, why did the Street View cars
have all that special equipment turned on?
Second, the captured data need to be stored,
transmitted to Google, backed up and generally
managed like any other data. And all this went
undiscovered? How did the rogue employee hide the
data so well that it went undetected for several years?
And finally, there's some speculation that the
unnamed software engineer performed this hack of
the century as a "20 percent time" project.
Google encourages employees to spend 20 percent
of their time on some personal project that could
become a Google product. Gmail and Orkut are two
examples of "20 percent time" projects that made
the big time. Does Google need to revisit the
oversight process for its engineers' personal
projects? Are there other projects in motion that
are harvesting the personal data of unwitting
victims right now? If Google didn't know about
the WiSpy hack, how would it know about any other similar rogue projects?
Schmidt is probably being straight with the press
when he says one employee caused the whole WiSpy
controversy. But the company has a much larger
responsibility to prevent employees or anyone
else from using its equipment to violate the
privacy of people who aren't necessarily even
Google customers. Google also has the
responsibility to tell us the whole story as soon
as they know it. Blaming one rogue employee just doesn't make sense.
Melbourne, Victoria, Australia
jwhit at janwhitaker.com
blog: http://janwhitaker.com/jansblog/
business: http://www.janwhitaker.com
Our truest response to the irrationality of the
world is to paint or sing or write, for only in such response do we find truth.
~Madeline L'Engle, writer
_ __________________ _
More information about the Link
mailing list