Schneier on Security: Tagged Google

Entries Tagged "Google"

Page 8 of 18

How Google Glass Snoops Steal Your Passcode

Researchers are refining the techniques of surreptitiously videoing people as they type in their passwords.

Other hackers have shown it’s possible to perform automated over-the-shoulder password stealing. But Fu notes that older video tools had to actually see the display, which often is impossible from a distance or from indirect angles. (See UMass’s PIN-capturing footage taken by Glass in the GIF below.) His team’s video recognition software can spot passcodes even when the screen is unreadable, based on its understanding of an iPad’s geometry and the position of the user’s fingers. It maps its image of the angled iPad onto a “reference” image of the device, then looks for the abrupt down and up movements of the dark crescents that represent the fingers’ shadows.

Slashdot thread.

Posted on July 10, 2014 at 2:25 PM • View Comments

Goldman Sachs Demanding E-Mail Be Deleted

Goldman Sachs is going to court to demand that Google retroactively delete an e-mail it accidentally sent.

The breach occurred on June 23 and included “highly confidential brokerage account information,” Goldman said in a complaint filed last Friday in a New York state court in Manhattan.

[…]

Goldman said the contractor meant to email her report, which contained the client data, to a “gs.com” account, but instead sent it to a similarly named, unrelated “gmail.com” account.

The bank said it has been unable to retrieve the report or get a response from the Gmail account owner. It said a member of Google’s “incident response team” reported on June 26 that the email cannot be deleted without a court order.

“Emergency relief is necessary to avoid the risk of inflicting a needless and massive privacy violation upon Goldman Sachs’ clients, and to avoid the risk of unnecessary reputational damage to Goldman Sachs,” the bank said.

“By contrast, Google faces little more than the minor inconvenience of intercepting a single email – an email that was indisputably sent in error,” it added.

EDITED TO ADD (7/7): Google deleted the unread e-mail, without waiting for a court order.

Posted on July 3, 2014 at 5:46 AM • View Comments

Fearing Google

Mathias Döpfner writes an open letter explaining why he fears Google:

We know of no alternative which could offer even partially comparable technological prerequisites for the automated marketing of advertising. And we cannot afford to give up this source of revenue because we desperately need the money for technological investments in the future. Which is why other publishers are increasingly doing the same. We also know of no alternative search engine which could maintain or increase our online reach. A large proportion of high quality journalistic media receives its traffic primarily via Google. In other areas, especially of a non-journalistic nature, customers find their way to suppliers almost exclusively though Google. This means, in plain language, that we and many others are dependent on Google. At the moment Google has a 91.2 percent search-engine market share in Germany. In this case, the statement “if you don’t like Google, you can remove yourself from their listings and go elsewhere” is about as realistic as recommending to an opponent of nuclear power that he just stop using electricity. He simply cannot do this in real life unless he wants to join the Amish.

A reaction. And another.

Posted on May 6, 2014 at 10:30 AM • View Comments

Is Google Too Big to Trust?

Interesting essay about how Google’s lack of transparency is hurting their trust:

The reality is that Google’s business is and has always been about mining as much data as possible to be able to present information to users. After all, it can’t display what it doesn’t know. Google Search has always been an ad-supported service, so it needs a way to sell those users to advertisers—that’s how the industry works. Its Google Now voice-based service is simply a form of Google Search, so it too serves advertisers’ needs.

In the digital world, advertisers want to know more than the 100,000 people who might be interested in buying a new car. They now want to know who those people are, so they can reach out to them with custom messages that are more likely to be effective. They may not know you personally, but they know your digital persona—basically, you. Google needs to know about you to satisfy its advertisers’ demands.

Once you understand that, you understand why Google does what it does. That’s simply its business. Nothing is free, so if you won’t pay cash, you’ll have to pay with personal information. That business model has been around for decades; Google didn’t invent that business model, but Google did figure out how to make it work globally, pervasively, appealingly, and nearly instantaneously.

I don’t blame Google for doing that, but I blame it for being nontransparent. Putting unmarked sponsored ads in the “regular” search results section is misleading, because people have been trained by Google to see that section of the search results as neutral. They are in fact not. Once you know that, you never quite trust Google search results again. (Yes, Bing’s results are similarly tainted. But Microsoft never promised to do no evil, and most people use Google.)

Posted on April 24, 2014 at 6:45 AM • View Comments

The Continuing Public/Private Surveillance Partnership

If you’ve been reading the news recently, you might think that corporate America is doing its best to thwart NSA surveillance.

Google just announced that it is encrypting Gmail when you access it from your computer or phone, and between data centers. Last week, Mark Zuckerberg personally called President Obama to complain about the NSA using Facebook as a means to hack computers, and Facebook’s Chief Security Officer explained to reporters that the attack technique has not worked since last summer. Yahoo, Google, Microsoft, and others are now regularly publishing “transparency reports,” listing approximately how many government data requests the companies have received and complied with.

On the government side, last week the NSA’s General Counsel Rajesh De seemed to have thrown those companies under a bus by stating that—despite their denials—they knew all about the NSA’s collection of data under both the PRISM program and some unnamed “upstream” collections on the communications links.

Yes, it may seem like the public/private surveillance partnership has frayed—but, unfortunately, it is alive and well. The main focus of massive Internet companies and government agencies both still largely align: to keep us all under constant surveillance. When they bicker, it’s mostly role-playing designed to keep us blasé about what’s really going on.

The U.S. intelligence community is still playing word games with us. The NSA collects our data based on four different legal authorities: the Foreign Intelligence Surveillance Act (FISA) of 1978, Executive Order 12333 of 1981 and modified in 2004 and 2008, Section 215 of the Patriot Act of 2001, and Section 702 of the FISA Amendments Act (FAA) of 2008. Be careful when someone from the intelligence community uses the caveat “not under this program” or “not under this authority”; almost certainly it means that whatever it is they’re denying is done under some other program or authority. So when De said that companies knew about NSA collection under Section 702, it doesn’t mean they knew about the other collection programs.

The big Internet companies know of PRISM—although not under that code name—because that’s how the program works; the NSA serves them with FISA orders. Those same companies did not know about any of the other surveillance against their users conducted on the far more permissive EO 12333. Google and Yahoo did not know about MUSCULAR, the NSA’s secret program to eavesdrop on their trunk connections between data centers. Facebook did not know about QUANTUMHAND, the NSA’s secret program to attack Facebook users. And none of the target companies knew that the NSA was harvesting their users’ address books and buddy lists.

These companies are certainly pissed that the publicity surrounding the NSA’s actions is undermining their users’ trust in their services, and they’re losing money because of it. Cisco, IBM, cloud service providers, and others have announced that they’re losing billions, mostly in foreign sales.

These companies are doing their best to convince users that their data is secure. But they’re relying on their users not understanding what real security looks like. IBM’s letter to its clients last week is an excellent example. The letter lists five "simple facts" that it hopes will mollify its customers, but the items are so qualified with caveats that they do the exact opposite to anyone who understands the full extent of NSA surveillance. And IBM’s spending $1.2B on data centers outside the U.S. will only reassure customers who don’t realize that National Security Letters require a company to turn over data, regardless of where in the world it is stored.

Google’s recent actions, and similar actions of many Internet companies, will definitely improve its users’ security against surreptitious government collection programs—both the NSA’s and other governments’—but their assurances deliberately ignores the massive security vulnerability built into its services by design. Google, and by extension, the U.S. government, still has access to your communications on Google’s servers.

Google could change that. It could encrypt your e-mail so only you could decrypt and read it. It could provide for secure voice and video so no one outside the conversations could eavesdrop.

It doesn’t. And neither does Microsoft, Facebook, Yahoo, Apple, or any of the others.

Why not? They don’t partly because they want to keep the ability to eavesdrop on your conversations. Surveillance is still the business model of the Internet, and every one of those companies wants access to your communications and your metadata. Your private thoughts and conversations are the product they sell to their customers. We also have learned that they read your e-mail for their own internal investigations.

But even if this were not true, even if—for example—Google were willing to forgo data mining your e-mail and video conversations in exchange for the marketing advantage it would give it over Microsoft, it still won’t offer you real security. It can’t.

The biggest Internet companies don’t offer real security because the U.S. government won’t permit it.

This isn’t paranoia. We know that the U.S. government ordered the secure e-mail provider Lavabit to turn over its master keys and compromise every one of its users. We know that the U.S. government convinced Microsoft—either through bribery, coercion, threat, or legal compulsion—to make changes in how Skype operates, to make eavesdropping easier.

We don’t know what sort of pressure the U.S. government has put on Google and the others. We don’t know what secret agreements those companies have reached with the NSA. We do know the NSA’s BULLRUN program to subvert Internet cryptography was successful against many common protocols. Did the NSA demand Google’s keys, as it did with Lavabit? Did its Tailored Access Operations group break into to Google’s servers and steal the keys?

We just don’t know.

The best we have are caveat-laden pseudo-assurances. At SXSW earlier this month, CEO Eric Schmidt tried to reassure the audience by saying that he was “pretty sure that information within Google is now safe from any government’s prying eyes.” A more accurate statement might be, “Your data is safe from governments, except for the ways we don’t know about and the ways we cannot tell you about. And, of course, we still have complete access to it all, and can sell it at will to whomever we want.” That’s a lousy marketing pitch, but as long as the NSA is allowed to operate using secret court orders based on secret interpretations of secret law, it’ll never be any different.

Google, Facebook, Microsoft, and the others are already on the record as supporting these legislative changes. It would be better if they openly acknowledged their users’ insecurity and increased their pressure on the government to change, rather than trying to fool their users and customers.

This essay previously appeared on TheAtlantic.com.

Posted on March 31, 2014 at 9:18 AM • View Comments

EU Might Raise Fines for Data Breaches

This makes a lot of sense.

Viviane Reding dismissed recent fines for Google as “pocket money” and said the firm would have had to pay $1bn under her plans for privacy failings.

Ms Reding said such punishments were necessary to ensure firms took the use of personal data seriously.

And she questioned how Google was able to take so long to getting round to changing its policy.

“Is it surprising to anyone that two whole years after the case emerged, it is still unclear whether Google will amend its privacy policy or not?” she said in a speech.

Ms Reding, who is also vice-president of the European Commission, wants far tougher laws that would introduce fines of up to 5% of the global annual turnover of a company for data breaches.

If fines are intended to change corporate behavior, they need to be large enough so that avoiding them is a smarter business strategy than simply paying them.

Posted on January 28, 2014 at 6:47 AM • View Comments

NSA Tracks People Using Google Cookies

The Washington Post has a detailed article on how the NSA uses cookie data to track individuals. The EFF also has a good post on this.

I have been writing and saying that surveillance is the business model of the Internet, and that government surveillance largely piggy backs on corporate capabilities. This is an example of that. The NSA doesn’t need the cooperation of any Internet company to use their cookies for surveillance purposes, but they do need their capabilities. And because the Internet is largely unencrypted, they can use those capabilities for their own purposes.

Reforming the NSA is not just about government surveillance. It has to address the public-private surveillance partnership. Even as a group of large Internet companies have come together to demand government surveillance reform, they are ignoring their own surveillance activities. But you can’t reform one without the other. The Free Software Foundation has written about this as well.

Little has been written about how QUANTUM interacts with cookie surveillance. QUANTUM is the NSA’s program for real-time responses to passive Internet monitoring. It’s what allows them to do packet injection attacks. The NSA’s Tor Stinks presentation talks about a subprogram called QUANTUMCOOKIE: “forces clients to divulge stored cookies.” My guess is that the NSA uses frame injection to surreptitiously force anonymous users to visit common sites like Google and Facebook and reveal their identifying cookies. Combined with the rest of their cookie surveillance activities, this can de-anonymize Tor users if they use Tor from the same browser they use for other Internet activities.

Posted on December 12, 2013 at 6:21 AM • View Comments

Surveillance as a Business Model

Google recently announced that it would start including individual users’ names and photos in some ads. This means that if you rate some product positively, your friends may see ads for that product with your name and photo attached—without your knowledge or consent. Meanwhile, Facebook is eliminating a feature that allowed people to retain some portions of their anonymity on its website.

These changes come on the heels of Google’s move to explore replacing tracking cookies with something that users have even less control over. Microsoft is doing something similar by developing its own tracking technology.

More generally, lots of companies are evading the “Do Not Track” rules, meant to give users a say in whether companies track them. Turns out the whole “Do Not Track” legislation has been a sham.

It shouldn’t come as a surprise that big technology companies are tracking us on the Internet even more aggressively than before.

If these features don’t sound particularly beneficial to you, it’s because you’re not the customer of any of these companies. You’re the product, and you’re being improved for their actual customers: their advertisers.

This is nothing new. For years, these sites and others have systematically improved their “product” by reducing user privacy. This excellent infographic, for example, illustrates how Facebook has done so over the years.

The “Do Not Track” law serves as a sterling example of how bad things are. When it was proposed, it was supposed to give users the right to demand that Internet companies not track them. Internet companies fought hard against the law, and when it was passed, they fought to ensure that it didn’t have any benefit to users. Right now, complying is entirely voluntary, meaning that no Internet company has to follow the law. If a company does, because it wants the PR benefit of seeming to take user privacy seriously, it can still track its users.

Really: if you tell a “Do Not Track”-enabled company that you don’t want to be tracked, it will stop showing you personalized ads. But your activity will be tracked—and your personal information collected, sold and used—just like everyone else’s. It’s best to think of it as a “track me in secret” law.

Of course, people don’t think of it that way. Most people aren’t fully aware of how much of their data is collected by these sites. And, as the “Do Not Track” story illustrates, Internet companies are doing their best to keep it that way.

The result is a world where our most intimate personal details are collected and stored. I used to say that Google has a more intimate picture of what I’m thinking of than my wife does. But that’s not far enough: Google has a more intimate picture than I do. The company knows exactly what I am thinking about, how much I am thinking about it, and when I stop thinking about it: all from my Google searches. And it remembers all of that forever.

As the Edward Snowden revelations continue to expose the full extent of the National Security Agency’s eavesdropping on the Internet, it has become increasingly obvious how much of that has been enabled by the corporate world’s existing eavesdropping on the Internet.

The public/private surveillance partnership is fraying, but it’s largely alive and well. The NSA didn’t build its eavesdropping system from scratch; it got itself a copy of what the corporate world was already collecting.

There are a lot of reasons why Internet surveillance is so prevalent and pervasive.

One, users like free things, and don’t realize how much value they’re giving away to get it. We know that “free” is a special price that confuses peoples’ thinking.

Google’s 2013 third quarter profits were nearly $3 billion; that profit is the difference between how much our privacy is worth and the cost of the services we receive in exchange for it.

Two, Internet companies deliberately make privacy not salient. When you log onto Facebook, you don’t think about how much personal information you’re revealing to the company; you’re chatting with your friends. When you wake up in the morning, you don’t think about how you’re going to allow a bunch of companies to track you throughout the day; you just put your cell phone in your pocket.

And three, the Internet’s winner-takes-all market means that privacy-preserving alternatives have trouble getting off the ground. How many of you know that there is a Google alternative called DuckDuckGo that doesn’t track you? Or that you can use cut-out sites to anonymize your Google queries? I have opted out of Facebook, and I know it affects my social life.

There are two types of changes that need to happen in order to fix this. First, there’s the market change. We need to become actual customers of these sites so we can use purchasing power to force them to take our privacy seriously. But that’s not enough. Because of the market failures surrounding privacy, a second change is needed. We need government regulations that protect our privacy by limiting what these sites can do with our data.

Surveillance is the business model of the Internet—Al Gore recently called it a “stalker economy.” All major websites run on advertising, and the more personal and targeted that advertising is, the more revenue the site gets for it. As long as we users remain the product, there is minimal incentive for these companies to provide any real privacy.

This essay previously appeared on CNN.com.

Posted on November 25, 2013 at 6:53 AM • View Comments

A Fraying of the Public/Private Surveillance Partnership

The public/private surveillance partnership between the NSA and corporate data collectors is starting to fray. The reason is sunlight. The publicity resulting from the Snowden documents has made companies think twice before allowing the NSA access to their users’ and customers’ data.

Pre-Snowden, there was no downside to cooperating with the NSA. If the NSA asked you for copies of all your Internet traffic, or to put backdoors into your security software, you could assume that your cooperation would forever remain secret. To be fair, not every corporation cooperated willingly. Some fought in court. But it seems that a lot of them, telcos and backbone providers especially, were happy to give the NSA unfettered access to everything. Post-Snowden, this is changing. Now that many companies’ cooperation has become public, they’re facing a PR backlash from customers and users who are upset that their data is flowing to the NSA. And this is costing those companies business.

How much is unclear. In July, right after the PRISM revelations, the Cloud Security Alliance reported that US cloud companies could lose $35 billion over the next three years, mostly due to losses of foreign sales. Surely that number has increased as outrage over NSA spying continues to build in Europe and elsewhere. There is no similar report for software sales, although I have attended private meetings where several large US software companies complained about the loss of foreign sales. On the hardware side, IBM is losing business in China. The US telecom companies are also suffering: AT&T is losing business worldwide.

This is the new reality. The rules of secrecy are different, and companies have to assume that their responses to NSA data demands will become public. This means there is now a significant cost to cooperating, and a corresponding benefit to fighting.

Over the past few months, more companies have woken up to the fact that the NSA is basically treating them as adversaries, and are responding as such. In mid-October, it became public that the NSA was collecting e-mail address books and buddy lists from Internet users logging into different service providers. Yahoo, which didn’t encrypt those user connections by default, allowed the NSA to collect much more of its data than Google, which did. That same day, Yahoo announced that it would implement SSL encryption by default for all of its users. Two weeks later, when it became public that the NSA was collecting data on Google users by eavesdropping on the company’s trunk connections between its data centers, Google announced that it would encrypt those connections.

We recently learned that Yahoo fought a government order to turn over data. Lavabit fought its order as well. Apple is now tweaking the government. And we think better of those companies because of it.

Now Lavabit, which closed down its e-mail service rather than comply with the NSA’s request for the master keys that would compromise all of its customers, has teamed with Silent Circle to develop a secure e-mail standard that is resistant to these kinds of tactics.

The Snowden documents made it clear how much the NSA relies on corporations to eavesdrop on the Internet. The NSA didn’t build a massive Internet eavesdropping system from scratch. It noticed that the corporate world was already eavesdropping on every Internet user—surveillance is the business model of the Internet, after all—and simply got copies for itself.

Now, that secret ecosystem is breaking down. Supreme Court Justice Louis Brandeis wrote about transparency, saying “Sunlight is said to be the best of disinfectants.” In this case, it seems to be working.

These developments will only help security. Remember that while Edward Snowden has given us a window into the NSA’s activities, these sorts of tactics are probably also used by other intelligence services around the world. And today’s secret NSA programs become tomorrow’s PhD theses, and the next day’s criminal hacker tools. It’s impossible to build an Internet where the good guys can eavesdrop, and the bad guys cannot. We have a choice between an Internet that is vulnerable to all attackers, or an Internet that is safe from all attackers. And a safe and secure Internet is in everyone’s best interests, including the US’s.

This essay previously appeared on TheAtlantic.com.

Posted on November 14, 2013 at 6:21 AM • View Comments

NSA Eavesdropping on Google and Yahoo Networks

The Washington Post reported that the NSA is eavesdropping on the Google and Yahoo private networks—the code name for the program is MUSCULAR. I may write more about this later, but I have some initial comments:

It’s a measure of how far off the rails the NSA has gone that it’s taking its Cold War–era eavesdropping tactics—surreptitiously eavesdropping on foreign networks—and applying them to US corporations. It’s skirting US law by targeting the portion of these corporate networks outside the US. It’s the same sort of legal argument the NSA used to justify collecting address books and buddy lists worldwide.
Although the Washington Post article specifically talks about Google and Yahoo, you have to assume that all the other major—and many of the minor—cloud services are compromised this same way. That means Microsoft, Apple, Facebook, Twitter, MySpace, Badoo, Dropbox, and on and on and on.
It is well worth re-reading all the government denials about bulk collection and direct access after PRISM was exposed. It seems that it’s impossible to get the truth out of the NSA. Its carefully worded denials always seem to hide what’s really going on.
In light of this, PRISM is really just insurance: a way for the NSA to get legal cover for information it already has. My guess is that the NSA collects the vast majority of its data surreptitiously, using programs such as these. Then, when it has to share the information with the FBI or other organizations, it gets it again through a more public program like PRISM.
What this really shows is how robust the surveillance state is, and how hard it will be to craft laws reining in the NSA. All the bills being discussed so far only address portions of the problem: specific programs or specific legal justifications. But the NSA’s surveillance infrastructure is much more robust than that. It has many ways into our data, and all sorts of tricks to get around the law. Note this quote from yesterday’s story:

John Schindler, a former NSA chief analyst and frequent defender who teaches at the Naval War College, said it is obvious why the agency would prefer to avoid restrictions where it can.

“Look, NSA has platoons of lawyers, and their entire job is figuring out how to stay within the law and maximize collection by exploiting every loophole,” he said. “It’s fair to say the rules are less restrictive under Executive Order 12333 than they are under FISA,” the Foreign Intelligence Surveillance Act.

No surprise, really. But it illustrates how difficult meaningful reform will be. I wrote this in September:

It’s time to start cleaning up this mess. We need a special prosecutor, one not tied to the military, the corporations complicit in these programs, or the current political leadership, whether Democrat or Republican. This prosecutor needs free rein to go through the NSA’s files and discover the full extent of what the agency is doing, as well as enough technical staff who have the capability to understand it. He needs the power to subpoena government officials and take their sworn testimony. He needs the ability to bring criminal indictments where appropriate. And, of course, he needs the requisite security clearance to see it all.

We also need something like South Africa’s Truth and Reconciliation Commission, where both government and corporate employees can come forward and tell their stories about NSA eavesdropping without fear of reprisal.

Without this, crafting reform legislation will be impossible.
Finally, we need more encryption on the Internet. We have made surveillance too cheap, not just for the NSA but for all nation-state adversaries. We need to make it expensive again.

EDITED TO ADD (11/1): We don’t actually know if the NSA did this surreptitiously, or if it had assistance from another US corporation. Level 3 Communications provides the data links to Google, and its statement was sufficiently non-informative as to be suspicious:

In a statement, Level 3 said: “We comply with the laws in each country where we operate. In general, governments that seek assistance in law enforcement or security investigations prohibit disclosure of the assistance provided.”

When I write that the NSA has destroyed the fabric of trust on the Internet, this is the kind of thing I mean. Google can no longer trust its bandwidth providers not to betray the company.

EDITED TO ADD (11/2): The NSA’s denial is pretty lame. It feels as if it’s hardly trying anymore.

We also know that Level 3 Communications already cooperates with the NSA, and has the codename of LITTLE:

The document identified for the first time which telecoms companies are working with GCHQ’s “special source” team. It gives top secret codenames for each firm, with BT (“Remedy”), Verizon Business (“Dacron”), and Vodafone Cable (“Gerontic”). The other firms include Global Crossing (“Pinnage”), Level 3 (“Little”), Viatel (“Vitreous”) and Interoute (“Streetcar”).

Again, those code names should properly be in all caps.

EDITED TO ADD (11/5): More details on the program.

Posted on October 31, 2013 at 10:29 AM • View Comments

←Previous 1 … 6 7 8 9 10 … 18 Next→

Sidebar photo of Bruce Schneier by Joe MacInnis.