Google Collected Passwords in Wi-Fi Sweeps

[orionantares]

All I got out of this article is that there are still a lot of people stupid enough to use passwords over unprotected WiFi connections.

 

[LORD_ORION]

The point is...

You may not eavesdrop and then collect and copy wire data. Accidental or not, it is illegal in most countries.

 

[brendano257]

Is it just me or is this skewed to make everything sound deliberate?

It doesn't say weather passwords and email account data was inside the packets that the software was taking, or if the software was DESIGNED or used for the purpose of collecting these specific things. It makes a HUGE difference in terms of what Google is 'guilty' of. From what I've read in various articles about this, the software was taking more data than Google wanted.

Also, on the whole thing of it taking MAC addresses, this could have been to ensure the unique identity of a network. Because God knows how many networks are named 'linksys' or 'NETGEAR' in just a single neighborhood.

 

[eddieroolz]

Oh Google. When I warm up to your existence, you turn around and stab me in the back. Well played.

 

[bin1127]

ohh la la, the French now has your password.

 

[matt314]

[citation]Anyways, if you have an unencrypted or an encrypted with WEP you deserve to be hacked. It's child's play to crack WEP now.[/citation]

WPA is not much harder...you'd be surprised how many people think 1234567890 is a safe choice of password. Not much of a dictionary attack when it goes through on the first word!

 

[Guest]

If anything Google is doing these people a favor to tell them to take their security to the next level before someone else with bad intentions takes advantage of it.

 

[apocalypseap]

Innocent until proven guilty, conspiracy theorists. Seriously now.

 

[dmwright]

[citation][nom]brendano257[/nom]Is it just me or is this skewed to make everything sound deliberate?It doesn't say weather passwords and email account data was inside the packets that the software was taking, or if the software was DESIGNED or used for the purpose of collecting these specific things. It makes a HUGE difference in terms of what Google is 'guilty' of. From what I've read in various articles about this, the software was taking more data than Google wanted.Also, on the whole thing of it taking MAC addresses, this could have been to ensure the unique identity of a network. Because God knows how many networks are named 'linksys' or 'NETGEAR' in just a single neighborhood.[/citation]

Deliberately or not, Google, being such a large and public company should know better, as they have invested large quantities of cash into it's lawyers. They would obviously know the laws of the country they are in. As most businesses make research/plans before even making the first step "Due Process".

A good example, would be someone coming by and reading bits and pieces of mail from your mailbox on the street, although they were only taking note of the first envelope on top, it is not appropriate, and I for one would not be happy if someone was found rummaging through my mail! Even IF my mailbox didn't have a lock on it.... (no, I do not use a lock on my mailbox.)

You would think the recent dispute in China would have served a good enough warning for them. You either follow our way, or the highway. Whether we agree with China or not is another argument all together, but they have their own culture, and it must be respected. (Which are the exact same freedoms we live for in the USA).

 

[dmwright]

[citation][nom]tincanp[/nom]If anything Google is doing these people a favor to tell them to take their security to the next level before someone else with bad intentions takes advantage of it.[/citation]

Now, where have I heard this before... John Mcclain 😛

 

[Silicon Jesus]

If the cars were capturing wifi packets from unencrypted networks, then some of the packets will contain passwords. The real problem is insecure WLANs and plaintext authentication. This shit is floating in the air for anyone with a wifi card. If we can't get dummies to secure their networks, then sites that care about their users' security should start encrypting their authentications.

 

[C 64]

[citation][nom]proxy711[/nom]I have no problems with google spying on the french.next time encrypt your shit.[/citation]
You must be pretty naive.

What makes you think that if Google was spying on french (and german and spanish...) WiFi they didn't do the same in the USA (I assume you are from USA).

And while it is unbelievably careless to have your wireless unencrypted, this doesn't give ANYONE the right to access your network or even record the transmitted data.

As for those who claim it was not deliberate - wake up. It was not by accident that they extracted the passwords from transmitted packets, then accidentally stored them, transmitted them to back google, stored them again (for some months), to have them delivered back to the french courts.... and don't get me even started on accidentally storing the content of emails.....

 

[Ciuy]

******* traitors !!!!!!!!!!!!!!! Change homepage to BING !!!!!!!!!!!!!!!!!!!!!!!!!!

*Post edited by moderator* Cool it on the language.

 

[Silmarunya]

Nothing new, we all know Google thinks privacy isn't a right but something you should breach in order to improve revenue.

Fortunately, most Google services have a far more respectful alternative.

- Chrome? Opera 10.60 is faster in all benchmarks than Chrome 6.
- Docs? Office live 2010 will soon offer all the functionalities.
- Search? Bing is decent, but this is still Google's territory...
- Translate? Babelfish and a plethora of others.
- Gmail? Hotmail, regular POP mail, Opera Mail,...
- ...

 

[1pp1k10k4m1]

[citation][nom]Clintonio[/nom]Idiots who believe Kevin Parrish's scare mongering probably think it was both purpose and intended.1) If Wifi is unencrypted it means people can view ANYTHING you send on your Wifi unless it is encrypted. 2) The most common online protocol is HTTP. HTTP isn't encrypted. 3) Thus, if you send your password over HTTP, anyone can view it. 4) Google was accidentally (or not) collecting data from unencrypted wifi.5) If users were using insecure websites that pass your passwords over HTTP, then Google, any ANYONE ELSE would see it.6) The fault of the passwords in plaintext is the fault of the website.7) The fault of the open wifi is the owner of the network7.1) Or the user's for using a public hotspot and not expecting it8) It is Google's fault for sniffing.Google did not take these passwords maliciously, it claims to not even mean to be sniffing data packets anyway.tldr; Wifi unencrypted on insecure site = bad. Not Google's fault.[/citation]


freaking awesome. thank you...I can't believe some people don't get this.

 

[1pp1k10k4m1]

[citation][nom]LORD_ORION[/nom]The point is...You may not eavesdrop and then collect and copy wire data. Accidental or not, it is illegal in most countries.[/citation]

The larger point is that expecting privacy without ever taking any steps toward it means (and actually making effort to have your stuff stolen by sending unencrypted passwords over unencrypted networks) that you don't really expect privacy. So why whine about it when it happens?

It isn't actually illegal in most countries, doing it without permission is illegal in most countries. It gets done with warrants all the time.

I'm not even defending google, but the actions of the complaining French are simply inexcusable in any discussion about even the most basic online privacy. Its almost equivalent to writing down your passwords, posting it on your door, and then being pissed when someone gets them. There is no evidence that Google used, nor intended to use them; and really its just a statistics game; on unencrypted networks, it is only a matter of time:data before you collect a password being passed over the network.

The French should really spend more time worrying about their neighbors stealing data and blackmailing them or stealing their identity than Google. Google makes enough money, they don't need to steal private info from the French.

Apparently the person at google who made the poor decision to connect to unencrypted networks knew there were people who made the poor decision to not encrypt their networks. Double fault.

 

[1pp1k10k4m1]

[citation][nom]C 64[/nom]You must be pretty naive.What makes you think that if Google was spying on french (and german and spanish...) WiFi they didn't do the same in the USA (I assume you are from USA). And while it is unbelievably careless to have your wireless unencrypted, this doesn't give ANYONE the right to access your network or even record the transmitted data.As for those who claim it was not deliberate - wake up. It was not by accident that they extracted the passwords from transmitted packets, then accidentally stored them, transmitted them to back google, stored them again (for some months), to have them delivered back to the french courts.... and don't get me even started on accidentally storing the content of emails.....[/citation]


Since we're talking about the naive, NOWHERE in this article does it say google extracted passwords from packets. It doesn't even say they made attempts to. Apparently, you don't understand the process. There's a lovely post on first page that lists it basically. You should read it. Google basically was storing w

 

[1pp1k10k4m1]

okay...so my post got cut off.

Google was basically (from how this sounds) storing whatever was being transmitted over the network at the time (be it email, passwords, etc), probably because they are constantly sending/receiving data for the purpose of google maps. On an unencrypted network, they didn't really have to make an effort to collect info. Should they have connected in the 1st place? I say no, but I'm not sure what French law says.

 

[pirateboy]

all your base are belong to google !!!

 

[Blessedman]

If they were actually trying to take over the world in some evil plot, why would they come out and tell everyone "oops our cars captured data it wasn't supposed to sorry. We are handing this data over to a third party to examine."???