Google Plans Service to Store Users' Data Online

achillean wrote this morning with a link to the Wall Street Journal, announcing plans we've all seen coming for a while: an online data storage service from Google. Though the article doesn't come out and call the project 'gDrive' or anything like that, it does indicate the service could be available within the next few months. "Google's push underlines a shift in how businesses and consumers approach computing. They are increasingly using the Web to access applications and files stored in massive computer data centers operated by tech companies such as Salesforce.com Inc., Microsoft Corp. and Google. Such arrangements, made possible by high-speed Internet connections between homes, offices and data centers, aim to ease users' technology headaches and, in some cases, cut their costs."

Everything old is new again

[pryoplasm]

a strategy that could accelerate a shift to Web-based computing doesn't this sound just a little bit like a dumb terminal in terms of computing?

Call Me Paranoid

[cybermage]

In an age of sealed warrants, if the government even bothers with that, why would anyone put their data out of their sight? When it comes to privacy, I cannot see how the benefits outweigh the risks.

possibilities

[rgiskard01]

As a recent convert to google apps, this is very interesting. I have/still have all the concerns about my privacy, but the offering was too tempting to pass up. Of course I use the Firefox Customize Google add on, but also don't really put anything sensitive up there. If they build it right, it could be very nice. I've tried all the online backup apps, and outside of Mozy, don't really like any that much. But I'm now all Linux, so Mozy is no longer an option. Anything that competes with Microsoft is a good thing!

Re:Call Me Paranoid

[TimeTraveler1884]

In an age of sealed warrants, if the government even bothers with that, why would anyone put their data out of their sight? When it comes to privacy, I cannot see how the benefits outweigh the risks.

Well see, there is thing called "encryption". If used properly, it can be quite effective in maintaining one's privacy. With Google's track record of protecting user's privacy, I would not be surprised if the service automatically encrypts the data during transit on the desktop and Google does not transmit the keys to their server.

I did not RTFA, so I think it will depend on if they plan to give this service away for free and data mine what you are storing. In any case, if they don't encrypt it, then you are free to encrypt the data yourself beforehand as a user.

User-centric Encryption needed

[mwilliamson]

Google needs to incorporate encryption with keys totally held and managed by the end user in such a way that even if Google is subpoenaed or shown national security papers, Google would be technically unable to access end-user's data. Another words, at no time should Google have access to any of the user's cleartext nor the user's secret key. Decryption would all be client-side. A subpoena or national security letter would have to go directly to the end user who would then at least know they are being served.

Re:User-centric Encryption needed

[Zarhan]

Not gonna happen.

Their business is advertising.

So, they will be reading through your documents so they can put up some ads when you are browsing your files online. Putting your home finance excel sheet to gDrive? Be prepared to see TaxPlanner ads on the sidebar. Putting your holiday photos to gDrive for backup purposes? They'll probably go through the EXIF data and send you ads about latest Canon products (or whatever your camera model is).

Re:Useless to me w/Rogers

[chrish]

Not to mention the standard North American practise of providing terrible up-stream speeds on cable and DSL lines. It'd take ages to upload 5GB (or whatever GMail's current limit is) of data.

I'm too impatient to back up 5GB of data over my 100Mbit LAN, I'm not doing it at "up to" 800kbits/sec.

Re:Call Me Paranoid

[Anonymous Brave Guy]

With Google's track record of protecting user's privacy, I would not be surprised if the service automatically encrypts the data during transit on the desktop and Google does not transmit the keys to their server.

I'm sorry, what track record would that be?

Google are quite possibly the world's leading authority on automated information gathering. After all, their ad-based business model fundamentally relies on being able to target those ads, and the continued success of their primary service, the search engine, depends on how effectively and comprehensively they can process the entire WWW.

As we have seen in the past, with everything from Google Street View to the leaks from a certain other popular search engine to Google Groups archives, vast databases like this will inevitably include information that people might have expected to remain private, and these services can make it accessible (deliberately or otherwise) to the entire world.

Google are a business like any other and, despite all the "do no evil" rhetoric, they will still do whatever they can get away with to make a profit for their shareholders, and they can still be compelled to disclose any information required by law (and laws can change).

Right now, it probably is no exaggeration to say that Google is the single greatest threat to privacy the world has ever seen.

Re:User-centric Encryption needed

[Anonymous Brave Guy]

Not gonna happen. Their business is advertising.

Sorry, I've posted in this thread already so I can't mod you up. But your post is right on the money. All these people talking about encryption are forgetting that storing the data in an independently encrypted way simply isn't in Google's interests. And if people start encrypting everything themselves, as any smart user of the service clearly would if they used it at all, then Google will either find ways to link those users to other services so they can guess which profitable ads to include, or they will simply cancel the service if it isn't making money and isn't leading to something else they do making money.

Re:android

[4D6963]

Any android device can be a 'dumb' terminal for your data.

Excuse the necessary pedantry, but do you realise that something cannot be a "dumb terminal for data", and that it's quite an insensible way to formulate it regardless of what the term "dumb terminal" actually means? Are you aware of the fact that "dumb terminals" involve remote processing, and not mere access to remote data? I just had to clarify this, as people keep talking about dumb terminals and thin clients as it actually has little to do with the topic at hand.

Re:User-centric Encryption needed

[jfuredy]

Sorry, I've posted in this thread already so I can't mod you up. But your post is right on the money. All these people talking about encryption are forgetting that storing the data in an independently encrypted way simply isn't in Google's interests. And if people start encrypting everything themselves, as any smart user of the service clearly would if they used it at all, then Google will either find ways to link those users to other services so they can guess which profitable ads to include, or they will simply cancel the service if it isn't making money and isn't leading to something else they do making money.

It may be true that Google wants to be able to read your data to serve ads, but the real question is, how many people would actually use it on all of their data? And will Google go out of their way to prevent encrypted data uploads for the small percentage of intelligent and vocal users who want encryption? My bet is that they don't provide encryption, but that they don't prevent it either.

Re:Recomendation to dissidents

[TheRaven64]

Do you really think Google has enough computing power to crack 128-bit AES? To crack a symmetric cypher, on average, you need to search half of the key space. That means you'd need to search 2^127 keys. My 2GHz Core 2 Duo can (according to openssl speed aes) do about 40,000 1024 byte blocks per second. In one year, it could do 1.3x10^12. If you had a compute cluster composed entirely of machines of this speed, it would need a shade under 1.3×10^26 machines to be able to crack a single AES-encrypted message in a year (on average).

To put this in perspective, Apple sold 1.6x10^6 computers in the first quarter of this year[1]. You would need to buy every single computer Apple made for 4x10^19 years. If we assume Apple sells approximately 5% of all computers, you would need to buy every computer made (assuming constant production) for 10^18 years.

To put that even more in perspective (10^18 is still a bit big for my brain), the age of the universe is estimated to be just under 1.4x10^10 years. If, for every year that the universe has been around so far, you bought as many computers as could have been made if production had begun at the current rate at the start of the universe and continued until now, then you would have slightly more CPU power than you need to crack 128-bit AES. Oh, and trying all of the possible keys is only half the problem; you also need to recognise when you've decrypted it.

Of course, if you're really paranoid, you can use 256-bit AES (the time to crack it doubles for every extra bit of key length).

[1] I tried to find numbers for Intel and Dell, but could only find revenue and profit numbers, not sales.

Re:Call Me Paranoid

[Sancho]

...and if the NSA could crack AES-128, what would you expect to hear from them and any security-cleared academics involved? Let me lay it out for you bluntly. They'd say something along the lines of "The algorithm has been extensively critiqued and found to be strong."

Though since the algorithm is public anyone can examine it, including people who are NOT under NDA.

Also, there's quite a difference between what Dr. Joe Honest, working on his stipend until 4pm each day with what he, his TA, and his mighty 3 GHz windows or linux machine can do, and an organization that has billions in budget normally, can get more anytime they ask, no difficult goals but breaking encryption and signal intercept, and which has made it a point to hire as many of the best minds in encryption as possible for, oh, say the last fifty years or so. And this in a world where quantum attacks are thought to be only a matter of sufficiently developed technology.

If we're talking about a brute-force, the math is pretty easy to figure out. You decide that you protect your data from X computing power, and you realize that if someone has X^2 computing power, they're going to get your data. Generally speaking, that's the best that you can do.

If we're talking about flaws in the algorithm that allow someone with a "secret key" to decrypt the data, then we're talking about a whole level of conspiracy and obfuscation. I don't put it past the government to do this, but at the same time, this is a harder thing to do when the algorithms are publicly available. You can bet that other governments with big budgets want to break AES, too. So if the NSA approved it for US government use, they probably believe it to be secure.

Others have pointed out non-computational attacks on cryptography, such as keyloggers or interrogation. I don't think that these are good arguments against the use of cryptography in general--realistically, they're good arguments against ever making hard copies of extremely sensitive data in the first place.

I don't particularly want my government to have a profile on me. It's not that I have anything to hide, it's just that I value privacy. If I store data online, and the government makes a deal with Google to let them profile everyone's data, encryption will allow me to limit the profile a bit. If they can break the encryption, then I'm still not in a terrible situation. But if they really wanted my data, they'd get it, through subpoena or interrogation or some other method, so realistically, I'm just protecting against sweeps and the corporation itself reading my data. As long as a person understands all of this, it's really no big deal.