Google in The Onion


MOUNTAIN VIEW, CA—Responding to recent public outcries over its handling of private data, search giant Google offered a wide-ranging and eerily well-informed apology to its millions of users Monday.

“We would like to extend our deepest apologies to each and every one of you,” announced CEO Eric Schmidt, speaking from the company’s Googleplex headquarters. “Clearly there have been some privacy concerns as of late, and judging by some of the search terms we’ve seen, along with the tens of thousands of personal e-mail exchanges and Google Chat conversations we’ve carefully examined, it looks as though it might be a while before we regain your trust.”

Google expressed regret to some of its third-generation Irish-American users on Smithwood between Barlow and Lake.

Added Schmidt, “Whether you’re Michael Paulson who lives at 3425 Longview Terrace and makes $86,400 a year, or Jessica Goldblatt from Lynnwood, WA, who already has well-established trust issues, we at Google would just like to say how very, truly sorry we are.”

Posted on March 8, 2010 at 2:24 PM18 Comments


Carl March 8, 2010 3:24 PM

Hash: SHA1

    Version: GnuPG v1.4.9 (GNU/Linux)

Version: GnuPG v1.4.9 (GNU/Linux)


Bruce should be able to read that, no one else should without quite a lot of time. Even Google will have trouble with it.

Micah March 8, 2010 3:52 PM

@Carl: I doubt Google will have any trouble whatsoever about your encrypted comment, because they won’t care one bit!

Benton Jackson March 8, 2010 4:06 PM

I know this is satire, but I think I’m still going to keep the post-it on the camera on my laptop.

Carl "SAI" Mitchell March 8, 2010 4:50 PM

@Micah: Quite true. But it’s an example, there is a solution. It’s just time consuming to use, and no one really cares. I doubt Bruce will read it, and he’s the one with the private key.
It’s not too easy to have an encrypted conversation. You have to:
1) have both parties make key-pairs.
2) exchange public keys (easier with a keyserver, but still can be hard. My kgpg crashed trying to get Bruce’s key, though gpg (command line, not gui) worked fine.)
3) write the message
4) encrypt the message, possibly sign it. This uses an external app much of the time.
5) send the message.

As opposed to a normal message:
1) Write the message.
2) Send the message.

redbrain March 8, 2010 5:02 PM

Evidently that guy carl who posted his signed and encrypted GPG message doesn’t understand what GPG is for. Anyone who accepts and trusts your public key just to read that would break the whole web of trust that PGP was designed for!

Sam Edwards March 8, 2010 7:07 PM

Bruce has a key that’s compatible with GPG? Last I checked, they were all from 1998 or thereabouts. What’s the key fingerprint?

Nick P March 8, 2010 7:09 PM

@ redbrain

It’s ok. Carl was using the PGP extension to Gmail. The encryption is irrelevant. They are undoubtedly responding to his comment as we speak.

vwm March 9, 2010 3:26 AM

@redbrain: why would you need to trust Carl’s public key? The recipient can decrypt the message and everyone can check the authenticity without placing any trust in the Carl’s key.

The benefit of this might be small: we can check if the next message signed by Carl is from the same Carl, no more. But certainly that does not break the whole web of trust.

Eve March 9, 2010 4:03 AM


If you’re going to encrypt a post saying “First post!” you should at least make sure you were first 😉

Craig March 9, 2010 4:53 AM

I have just discovered ‘The Onion – America’s Finest News Source’ and find it very entertaining, and this was after googling the name.

I only discovered this through social networking, so this brings up the concerns about privacy of my search habits etc a couple of posts ago.

I only discovered the social networking by Googling the social networking names.

From a security perspective Google probably has the information that the article was poking fun at, but I would not have known all this before Googles help.

What would our lives be like without Google?

2nd Question – How many of us first found the Schneier Blog by googling it?

vedaal March 9, 2010 8:56 AM

@sam edwards

GPG (GnuPG) is open-PGP, and can do anything that PGP can (and then some) except use split keys and ADK’s.

It doesn’t bother with wiping or containers as there are other excellent free open source programs that do that
(Eraser, and TrueCrypt).

Any key in PGP will be recognized in GPG.


Nemo March 9, 2010 10:02 AM

Craig – I, for one, first found his blog through the Cryptogram newsletter, which I first subscribed to via email in 1998.

I’m pretty sure I first found out about the newsletter in a Usenet newsgroup, but I could be wrong; it’s been a couple of years. 🙂

generic March 10, 2010 1:39 PM

Craig: “2nd Question – How many of us first found the Schneier Blog by googling it?”

Close enough, I found it (just recently) through feedly, a Google Reader based tool, through the recommendations feature – meaning (I guess) enough people “shared” their use of the feed.

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.