Report Finds Google Supervisors Knew About Wi-Fi Data Harvesting

bonch writes "According to the FCC report, Google's collection of Street View data was not the unauthorized act of a rogue engineer, as Google had portrayed it, but an authorized program known to supervisors and at least seven other engineers. The original proposal contradicts Google's claim that there was no intent to gather payload data: 'We are logging user traffic along with sufficient data to precisely triangulate their position at a given time, along with information about what they were doing.'"

Who the hell cares?

[elbonia]

Let's sum up the whole thing, "Google had not violated any laws". That's straight from the article and the FCC investigation report. Not one single law was broken, PERIOD. So how is this news? If the NYT really wants to do news about privacy rights why doesn't it put the bullshit CISPA on the front page instead of ignoring it.

Its Kismet.

[Anonymous Coward]

For those who don't know, the unmentioned program is Kismet [johnmeyer.net] So what if Google engineers knew about its capabilities to write pcap files? It's not an overwhelming amount of data for each Google car when compared to everything else it's collecting, and I wouldn't be surprised if it was simply left on, since I belive that's how kismet comes out of the box. The big point is Kismet also plots access point data in easily parsable formats along with signal strength, geographical coordinances, clients connected, other computers probing for certain networks unlike anything else out there so the choice for this software for wifi location collection was, without question the smartest choice. Its method of gathering data is instead of actively probing networks that respond (like Netstumbler) it instead listens silently in rfmon, or "monitor mode", and hops channels, decodes everything from layer 2, similar in principle to how a conventional radio scanner works. It can be configured to discard the pcap data, but privacy issues aside, when you're embarking on such a massively large and expensive project, I think it would suck if you later on really wished you had collected that data, especially if you find bugs and the program crashes in mysterious ways?

Re:There are rules, even unspoken

[LordLucless]

Consider what you're saying. It's like condoning someone who breaks

Wrong. There were no locks for them to break

and enters

Wrong. People were transmitting their information into the street, Google didn't have to enter anything

Want to try again with another analogy?

Re:Who the hell cares?

[Anonymous Coward]

What, exactly, is wrong with receiving public broadcasts? Yes, they're public, unencrypted broadcasts in a shared band.

The NYT didn't read the Fed report either...

[Jerry]

They spent a year and tens of thousands of dollars "investigating" Google and couldn't find any violations of the law, so the make a bogus claim that Google "didn't cooperate". Why should Google? What the Feds wanted was for Google to unilaterally admit to some crime.

Those who claim Google was "stealing data" have no clue as to how wifi's work and what it takes to collect data with a "Street View" van. Mostly they are victims of Apple's and Microsoft's anti-Google FUD campaign, since they both collect the same kinds of data.

Most wifis have a radius range of about 300 feet. Traveling at 25mph a van can pass through 600 feet in about 16 seconds. It takes several minutes to crack a WEP and even more for a WPA encrypted connection. The van won't have enough time to crack into secured access points. That leaves OPEN access points. How many packets could a van collect in 16 seconds for an 11Mb/S connection? About 10,600. A typical 1500 byte packet has a maximum of 842 bytes of payload, which would total to about 9 MB of data. That "data" will be HTML code, web page elements, LOTS of graphics and tons of trivia. It *might" contain pieces of someone's email. All from Joe and Sally Sixpack who don't have enough sense to, in affect, close their blinds when they undress for bed at night, or shout all of their telephone conversations, or leave their cars and houses unlocked and the windows down or open. So, what are folks to do when they pass by, plug their ears and close their eyes for 600 feet?

Besides, ESSIDs can and often do change without notice, so they mean nothing. MAC addresses would identify hardware and Google could connect a MAC to an IP address, but gathering that information is not illegal. Besides, names, telephone numbers and house addresses have been linked together in phone books for a100 years. I can record your license plate number and look up your name and address in our state auto registration database after paying a registration fee of $50. Ditto for your house records: year it was built, how many times it was sold and for how much, the amount of taxes you payed and what is due, even a floor plan.

IF you don't want someone eaves dropping in on your wifi traffic then use WPA and/or encrypt your email and connect only with https websites.

Re:There are rules, even unspoken

[SecurityGuy]

Consider what you're saying. It's like condoning someone who breaks and enters into peoples' houses and goes reading through their papers and personal effects, and saying the problem is that they didn't have a secure enough vault in their home.

No, that's not remotely what I'm saying, and your Matthew Shepard comparison is wildly off base.

If you have unencrypted WiFi, you are broadcasting, quite literally, whatever you're doing. All I'm saying is if you're out in public, people can take your picture. You might not like it, but they can. If you yell at your wife on the front porch or in the house if you're loud enough, the neighbors can hear you. I'm not saying you need to encrypt everything, or that you need a vault. I'm saying don't broadcast to the world if you don't want the world to hear you.

I'm very much pro-privacy, but if you want your privacy (as I do), you can't put the burden on the entire rest of the world to preserve it for you. We railed against the DMCA because it criminalized circumventing even useless protection measures, but somehow when they're OUR useless protection measures, it's different? No, it's not. What I'm saying is that if you don't want your papers and personal effects gone through, don't leave them lying in the street for people to pick up and read.

Re:What people figured all along

[poetmatt]

Dude we know you're biased as shit. You submitted the article! Just give up and admit that you either have a clear bias or are paid by or affiliated with Microsoft, directly or indirectly.

However, the difference between Google and MS/Apple is that in MS/Apple's case it'd be a quiet settlement with no details.

With google, what happens? Straight up honesty. 100% un-redacted other than the user's names.

Re:What people figured all along

[TechCar]

Well, the report confirms what was in the summary and title of this story.

The amount of wrongful moderation towards bunch and anyone critical of Google in this story is quite astonishing. Actually, not just this story but in every story on Slashdot. I'm a big fan of Google's products, I use gmail and my Android phone every day (even develop for it), but even I think this is scary and completely unacceptable. Just because its Google it doesn't make it right. You shouldn't give them a free pass on privacy violating stuff like this just because they somewhat support open source (not that much actually). In fact, Google should be held to higher standards if you like them because of that. Did you know that Google is secretly backing CISPA? At least Microsoft and Apple do it in open. But of course that wouldn't be good for Google's image.

It's time to end this abuse of mod points towards anything negative about Google and think of their actions as their own. And boy have they changed over the past 5 years. But like with piracy, I think that many Slashdotters just like them because they give free stuff. It's not so much about the privacy. If you cared about privacy you wouldn't use hosted services anyway, but desktop apps like Office.