oops! I Did It Again

by Elias Shams
That’s what Google said, confessed, and apologized yesterday.

After admission of an embarrassing privacy gaffe, the Do no Evil search engine giant, Google made yesterday, the company decided to stop its Street View cars from sniffing wireless networking data.  Contrary to the company’s claims, for at least three years, Google has been collecting the information that the users have been sending from a non-password-protected Wi-Fi networks.

Before I get to Google, first thing first! Wi-Fi has been around for about nine years. If you still don’t realize to secure your Wi-Fi yet, don’t even bother getting on the Internet. Hide your network and password protect it. Using an open Wi-Fi is the digital equivalent of putting your TV and stereo in the yard and leaving for the day.

Google Street View cars are best known for driving around cities and logging snapshots of the area, which are then posted online and integrated with Google Maps. Google cars had been sniffing some network data — SSID information and MAC addresses — that was then used to help the company get a better fix on the locations of things in order to improve its Web products. Google had said that it wasn’t sniffing other data sent over the networks, but it turned out that this wasn’t true.

For those that are non-technical:

SSID (Service Set Identifier)  = The name of your wireless network. Most user’s home network is named “LINKSYS”

MAC (Media Access Control) Address is like a unique fingerprint for a device on a network. It can be used to uniquely identify a network device as well as provide information on the device its self.

Because the Street View cars are usually in motion, they probably would have recorded only snippets of information from open networks, but they could have picked up sensitive data from unencrypted Web sites, including Google’s own Gmail service, which only recently started requiring encrypted (HTTPS) Web connections.

Google’s Senior VP of Engineering & Research Alan Eustace explained how this collection of sensitive data occurred. “Quite simply, it was a mistake.” He explained, “An engineer working on an experimental WiFi project wrote a piece of code that sampled all categories of publicly broadcast WiFi data. A year later, when our mobile team started a project to collect basic WiFi network data like SSID information and MAC addresses using Google’s Street View cars, they included that code in their software—although the project leaders did not want, and had no intention of using, payload data.”

Anyway, the company says it intends to delete the data “as quickly as possible.” It has already grounded its Street View cars, and will halt collection of WiFi network data.

The Google admission seems that whenever a company “comes clean” they’re often trying to misdirect. Notice how the BP leak went from no leak, to a small leak, to 5x the small leak confession to 10x the small leak confession to ‘A Valdez every 4 days’?.

Just remember this – Once you connect to the internet, you are vulnerable. Period! All you can do is make it harder, but you can’t prevent it.

Bookmark and Share

About Elias Shams
I have been a serial entrepreneur in telecom and social media space for past 12 years or so. I hold a M.S. degree in Telecommunication Engineering from the George Washington University and a B.S. degree in Electrical Engineering from the University of Maryland. I’ve lived and worked in many countries and cities including London England, Tehran Iran, Bonn Germany, Paris France, Alicante Spain, Delhi India, and my favorite of all Washington, DC of great US of A. Two of the greatest Washington, DC based companies I worked for and very proud of are Yurie Systems which was sold to Lucent in 1998 for $1.23 B and telezoo.com that I founded in 1999. I am currently the founder and awesomizer @ awesomize.me

9 Responses to oops! I Did It Again

  1. Eric Kennedy says:

    For now, ‘Yes’.

    Google doesn’t have a history of disdain for user privacy like, say, FACEBOOK.

    So for now I’ll cut ’em some slack.

    I found the CNet Comments section not only amusing, but more informative, than the awesomedc piece:

    • Elias Shams says:

      Eric, Thanks for the comment. I agree with you. Indeed CNet’s article is more informative. That is because our targeted audience are different than CNet’s.

      I am a techi myself. Check out my background on our blog. The thing is my readers will get board if I get too technical. I just wanted to warn those who don’t secure their wi-fi.


  2. Enda Mannion says:

    It can’t be a mistake since it is solid business sense o use any data to improve identifying the location fo the user, not just relying on A-GPS.
    What’s the big deal? Nothing new: Apple (since iPhone launch!) and others have previously said they would do similar and have permission to build up an accurate picture of WiFi hot spots in order to improve service.
    I am amazed that Google “apologise” for a “mistake” which has happened in every single country where they have collected data for StreetView. It may be a coincidence, but their apology from the German spokesman comes in the same week where a German court ruled that users have to ensure they password-protect their WFi, or bear the risk and cost misuse (or a fine for misues by third parties if they can prove it wasn’t themselves using their internet access for illegal purposes). That story aside, it seems Google is overly keen to assure the public that they will stay within laws – an carry on collecting as accurate a picture of the world and everything in it.

  3. Aologies, lessons learned, move forward from here……..sounds like a certain outgoing Political Party….

  4. A mistake in regards to public relations and privacy, but not an accident.

  5. Joy Swafford says:

    If the current controls Google have in place failed to prevent this mistake—“again”, what type of assurance does the public have that it would not happen “again”. There should be stiffer penalty for these types of mistakes in breaching privacy.

  6. Bob says:

    I would say it was a mistake and the value of the data was insignificant if not wholly meaningless. But, it was good to see GOOG get out in front of this and “come clean” rather than try to hide it or legitimate it (“…if you don’t PW protect your network, you are fair game…”).

    When you consider the volume of data collected for StreetView, then consider how you’d have to add this other layer of data to the mix and then “make something valuable” out of it?

    The effort::value ratio just isn’t there.

    GOOG has far more invasive information on most of us that is valuable to them, and, to date, hasn’t really come back and bitten us (too badly).

    They’ve actually earned a bit of trust. Unlike the FB kids, who’ve only earned distrust.

  7. Joy Gila says:

    One way to look at this is without blame; Google’s coder just served the world with a wake up call about the necessity for basic securing of wireless networks.

  8. In Germany the attorney is investigating Google for this “accident”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: