Google’s Wi-Fi Spying: What Were They Thinking?
May 16th, 2010Via: PCWorld:
“Don’t be evil” has gone all 1984 on us. Or so it seems after Google revealed Friday that its Street View cars, in addition to snapping photos of the world’s roadways, have also been collecting sensitive personal information from unencrypted wireless networks.
It was no secret that Google’s cars had already been collecting publicly broadcast SSID information (Wi-Fi network names) and MAC addresses (unique numbers for devices like Wi-Fi routers). But this techie data, which is used for location-based services such as Google Maps, didn’t include any “payload data,” or personal information sent over the network.
Or so “Big Brother” Google claimed on April 27. But yesterday the search behemoth ‘fessed up to a security gaffe of Orwellian proportions. Due to a piece of code written in 2006 by an engineer for an experimental Wi-Fi project, Google had in fact been collecting those private bits after all:
“But it’s now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) WiFi networks, even though we never used that data in any Google products,” wrote Alan Eustace, Google senior VP, engineering & research.
Wow. That’s freaky and strange. And not in a good way, either.
Google was smart to open up about the spying incident. An attempted cover-up would have proven disastrous, particularly when numerous consumer and government agencies worldwide have criticized the search company’s seemingly insatiable appetite for personal information, a quest that critics say infringes on individual privacy rights.
There’s little doubt the Wi-Fi spying incident won’t fade away quietly. In fact, the Electronic Frontiers Association (EFA) and Australia Privacy Foundation (APF) have joined forces to question potential security mishaps by Google’s Street View, according to a report by Computerworld Australia.
The latest Street View controversy is sweet fodder for conspiracy theorists. As someone said to me responding to the news: “Imagine, Google driving around in vans, taking pictures of EVERYTHING, and gobbling up Wi-Fi signals like some new-age techno CIA.” Sweet conspiracy fodder, indeed.
I’m calling accidental/unintended capture on this one.
– I can see why they were scanning in the first place, as tying GPS locations with signal strengths, SSIDs and MAC addresses gives a handy way of estimating location in the absence of GPS. (Still creepy as they’re recording the location of hardware you own)
– Anyone who is running an open (unencrypted) network is asking for trouble anyway. The google car passed by once as it scanned the street. Your neighbour on the other hand is probably downloading porn on your connection 24/7 or is infected with malware that is traffic-sniffing for usernames and passwords.
Personally, I don’t understand a lot of thing about network security, and I can bet that 80% of the people scanned by google know less than me about it. I find it sad that google might actually have looked at personal data of those people.
Maybe it’s really an accident and like I said I’m not an expert programmer, so maybe someone who know more could tell us if it is likely that they can use an old code that gather a lot of information without realizing it. Shouldn’t their hard drive become full way faster than expected?