According to an article here, Google is to be hit with a class-action lawsuit in the US, and other lawsuits in several countries for collecting personal data. While I may not endorse sniffing the wireless traffic of others, I could say these people brought their troubles upon themselves.
Take the article's example, Vicki Van Valin: she works in the technology industry, no doubt having contact with several technicians or IT experts every day. She routinely transmits large amounts of sensitive data subject to non-disclosure agreements. Across an unsecured wireless network. I sincerely hope I'm not the only one who sees the problem here.
Other argued that via sniffing their traffic, Google has gained access to their credit card numbers and other account data. If they transmit that in the clear, over an unsecured, unencrypted connection, Google is the least of their problems by now. There is a good chance that they were using Google accounts and Google Checkout anyway, making their points moot, since Google already owns their data...
If anyone is familiar with the practice of wardriving, they know that wardrivers, in any given car, will routinely index wireless networks they pass. They do not sniff the traffic (most of the time), just the access point name, location, and security. Google did the same thing basically, only a bit more extensively. Some hapless engineer probably forgot to enable a filter, and now all hell is breaking loose.
I say give Google a breather. I have a wireless network at home, and I routinely transmit private data. But I have a 256-bit WPA2 encryption in place. Let the NSA come and weep, for they won't break that before the Universe dies. I've been walking around with my PDA set to scan for a while now. It astonishes me how many network I see with no lock icon beside it, and even with the default network name set by the router. I have to say I'm often tempted to see whether they changed the default password. I have done that with people I know, and found that I could easily access their router with the default login credentials. It's sad to see that networks go unsecured, data leaks out, and the users blame everyone but themselves, for a problem they let occur in the first place.
Also of interest is the fact that people worry about Google's privacy policy, all the while using Google products, against their supposedly better judgement. Easy solution: if you're worried about them stealing your data, don't use them.
This would be the smart move: if you're worried, leave it! Not sue them, continue using the products, over unsecured networks, then go cry when someone actually does bad things with your plaintext data.
I'll leave you to your thoughts, and hopefully securing your networks, now.
No comments:
Post a Comment