Comment by cromwellian

12 years ago

Security is based on threat model. The spooks have capabilities that far exceed the threat models most companies assume from private blackhats. You think it is obvious to assume in hindsight that the government would dig up and tap your dark fiber, but you don't think it obvious the government would plant spies to do inside-the-data-center taps. Now what? Encrypt all data between switches? The Soviets didn't think their undersea cables could be tapped either, and no one can claim they were insufficiently paranoid.

My point is, I don't want Silicon Valley in an arms race with the US government. The government is supposed to protect its citizens and companies, not work to undermine them. Google is working on rolling out better security, just like they eventually rolled out SSL everywhere before most other companies. They are at the forefront on this, but it still takes time and costs money. But even though they are spending time and resources on this, I would still like the US government to cut it out.

I'm not getting through to you.

At the end of the day, Google lost. To a considerable extent, cloud lost. People who were trusting Google with their data lost. What is ostensibly true at this point is that Google could have done something to have prevented this. All else is immaterial. Just like I would expect to lose business if I made a mistake and had data compromised (because doing X and Y was too difficult or too costly for me to do, because it was 'outside' my control, because I was too inept, or whatever else), Google should expect to lose some business the same way. If security is based on a threat model -- and it eventually loses, it was bad security.

  • Well, it would help if you would write in a way that is not insulting and condescending.

    There's no "if" about it. All security is based on threat model, the lock on your front door is based on the threat of the average criminal, and not Watergate burglars. Are you guilty of bad security? Is it your fault if your front door lock gets picked because you made assumptions about the sophistication of your attacker?

    You originally said "I'll never trust them again", but that begs the question, just who will you trust? Unless you are using end-to-end encryption with everyone, there is no way to secure against NSA interception, and pretty much all of Google's cloud competitors are actually worse in terms of deployed security. And assuming end-to-end is secure is basically just assuming a threat model where the NSA or Chinese government can't plant infected firmware or hardware in your devices.

    • How about not musing out loud that people who are criticizing companies just "want to hate on these companies", if you're entertaining the idea of not being insulting and condescending.

      Google is a company that's been leading the way to get everyone on the cloud. It turns out what it's also been doing is making mass surveillance massively easy due to poor security practices. One individual having bad locks is not analogous to what is at play here. You keep suggesting that Google should get a free pass because the adversary in this case was too sophisticated of a player: no, that does not matter, that is an excuse. Don't give me excuses. Google makes billions, it should simply have done a better job. Your earlier post took issue with Google's brand being tarnished unfairly, this is what I'm talking about to you right now, so the question of just 'who' I will trust is not very relevant.

      To answer your question anyway: basically I'm going to pull away from the cloud as much as I can. No more Google Apps for me, no more Gmail, no more anything where I end up putting my personal data or my clients' data anywhere but on my dedicated servers -- and using end-to-end encryption when any data needs to travel out. That does not remove the possibility of getting compromised, it just mitigates it.

What if that government who could tap into fiber was not the US government? I think any communication outside the confines of corporate buildings should be encrypted.