Google Not So Private 3
September 21st, 2009 by ComputerBob
How many times have I railed against trusting your private or confidential data to free online services like Google Apps and Gmail?
How many examples have I shown you of free online services failing to secure their users’ private and confidential data?
And yet, despite all of the significant risks, and despite a growing record of security failures, governments, medical providers and educational institutions continue to move their users’ private and confidential data to third-party online services.
Regular readers of this Journal know that that recipe for disaster is one of my recurring themes.
And here’s the latest example: “A recent bug in Google Apps allowed students at several colleges to read each other’s email messages and some were even able to see another student’s entire inbox.”
We’re not talking about a tiny glitch that only lasted for a few minutes. That would be bad enough.
No, we’re talking about a serious security failure that lasted for three days.
You can bet that Slashdot’s readers have a lot to say about that.
How would you like it if your private email messages were suddenly made public for three days?
Account information, passwords, credit card numbers, love letters, gossip — all out there for other people to read.
What can you do to prevent it from ever happening to you if you’re trusting your private and confidential data to free online services?
And if it does happen to you, what will you be able to do to fix the problem?
Absolutely nothing — on both counts.
You can’t prevent it from happening.
And if it happens to you, you won’t be able to do anything to fix the problem.
You’ll have to just sit back and hope that someone else fixes it.
And that it doesn’t take them three days to do it.
Which is why you should never trust your private and confidential data to free online services.
Cue outro.
Update: And on top of all of its huge privacy, accountability, reliability and security risks, cloud computing is really just a throwback to the olden days of computing, when users didn’t have PCs. Each employee had a dumb terminal on their desk, connected to the company’s mainframe computer.
The mainframe did all of the computing, and stored everyone’s data.
And no one had any access to the mainframe without the knowledge and permission of the mainframe guys.
Mainframe computing = centralized control.
Then PCs were invented, and suddenly, each employee had their own computer.
No more having to schedule computing jobs with the mainframe guys.
No more having to deal with the mainframe slowing down every time the accounting department ran the payroll.
Personal computing = personal power.
Personal computing = personal freedom.
But now cloud computing promises to do all of the computing, and store everyone’s data.
They say we won’t even need our personal computers any more.
Just a dumb terminal, with an embedded browser that connects to the cloud.
And they want us to think that that would be a good thing.
Like “Judge Judy” says, “Don’t pee on my leg and then tell me it’s raining.”
Update, January 24, 2010: Chinese hackers broke into Google’s Chinese servers several days ago, causing Google to rethink whether it wants to even continue to have offices in China any more. But it turns out that the Chinese hackers were able to break into the Google servers because, “In order to comply with government search warrants on user data, Google created a backdoor access system into Gmail accounts. This feature is what the Chinese hackers exploited to gain access.”
Permalink:
http://www.computerbob.com/wp/google-not-so-private.php
Tags:
Consumer Info, Cybercrime, Dubious, Internet, Security, Technology
September 24th, 2009 at 10:39 am
Awesome post. They say Cloud Computing is the future. I guess security isn’t.
Great post!!!