Comment by tippytop
12 years ago
> Google had no knowledge of NSA's physical compromise of their data centers.
How do you know this is the case? In the diagram submitted within the article, the box highlighted with the smiley face is labeled "GFE" for Google Front-End [1], which means it's a Google controlled server. It seems more plausible to me that the NSA compromised this target with a FISA court order rather than hacking it. And if that is true, then someone at Google did know about it, they just weren't willing to discuss it because of a legal threat.
[1] Google server names: http://googlesystem.blogspot.com/2007/09/googles-server-name...
> How do you know this is the case? In the diagram submitted within the article, the box highlighted with the smiley face is labeled "GFE" for Google Front-End [1], which means it's a Google controlled server.
Yeah, its the external facing server that is the boundary between Google's (encrypted) communication with outside systems and its internal network which doesn't use encryption.
> It seems more plausible to me that the NSA compromised this target with a FISA court order rather than hacking it.
If you read the article, the leak of documents that included the diagram indicates that:
1. The GFE server itself wasn't compromised, whether by a court order or hacking -- the unsecured communications which occur "behind" the GFE server were compromised, and
2. The entity which compromised the unsecured communications wasn't the NSA, but Britain's GCHQ. The NSA gets information from the compromised system because GCHQ allows NSA to submit search terms ("selectors") which are matched against the data GCHQ collects from tapping Google (and Yahoo!) unsecured internal comms, and then feeds the data matching the selectors back to the NSA.
You are correct, I've misunderstood this program and perhaps the parent post I was responding to. Oh well, can't win 'em all. This is in addition to the PRISM programs we've already seen.