

Google is a surveillance company - boh
http://www.securitytube.net/Changing-Threats-To-Privacy-From-TIA-to-Google-(Blackhat-2010)-video.aspx

======
jfm3
This video is great. It not only sums up the problem in the elegant terms of
_choice_ , but it also proposes starts at solutions in the elegant terms of
_working code_. It made my day to watch this.

~~~
ztan
I usually tend to avoid the 1 to 2 hour long video/talks. However in this
case, the value received from its content absolutely justified every minute of
its length. I wish more people would not dismiss it because of its length like
I almost did.

------
gnosis
The problem isn't Google so much as it is a lack of an understanding of the
value of privacy and anonymity on the internet among the general population.

And it is also a matter of the lack of serious support for maintaining such
privacy and anonymity at the internet infrastructure level, and at the level
of applications that interface with the internet (web browsers in particular).

These things go hand in hand. As the general public becomes more educated
about the value of privacy and anonymity (and what happens when, due to the
lack of either, abuses occur) there will be more demand for technology that
supports keeping their data and lives more private.

Then software, hardware, and services that protect privacy and anonymity will
become more economically viable, and companies like Google will have a much
harder time spying on their users.

This is why education about the value of privacy and anonymity is so valuable.

Until that happens, people will _voluntarily_ leak information about
themselves all over the place. Witness the popularity of Facebook, or hundreds
of other sites where people gladly give up their privacy for various dubious
enticements.

~~~
gst
I wonder if the public ever will become educated about the value of privacy. A
few days ago I've tried to explain a friend who often uses Internet cafes how
to use Google's two factor authentication for Gmail. Her answer was: "Why
should I do this, this just makes it more complicated". When I explained to
her that it prevents other's from being able to read her mails she responded
that there's nothing interesting in her mailbox and she doubts anyone is
interested in doing so.

A decade or so ago I still had hope that tools like PGP/GPG will be widespread
amongst the Internet population. But this all completely changed. People who
used to use PGP to encrypt their mails and who've used to run their own
mailservers because they didn't trust their provider just use GMail today.

We're moving from a decentraliced infrastructure to a pure client/server
infrastructure and there's not much you can do about this. There are a few
areas where it's possible to avoid the cloud, but in most other areas the
choice is either to use the prevalent centralized infrastructure or to not
communicate with others.

~~~
ppod
"she responded that there's nothing interesting in her mailbox and she doubts
anyone is interested in doing so."

What is wrong with this response?

~~~
jfm3
I wear pants. I have nothing to hide, particularly, but I don't want anyone
but my wife and my doctor looking under them. Certainly not Eric Schmidt.

The problem is that consequences of transparent pants are easy to understand,
but the consequences of unencrypted email are less so.

~~~
rmrm
It seems like privacy law is the proper domain to control these things for the
public. Your pants, while not transparent, do not pose much of a roadblock
from a determined party looking inside them. That it's illegal for anyone to
do so without your consent is the actual deterrent -- not any intrinsic
property of your pants.

~~~
jfm3
I concur, but the value of such a law will not be apparent to anyone who
doesn't _feel_ the same way about transparent pants and unencrypted email.

I should also add that I think it's evil to take advantage of the user
ignorance of the issue to improve ad targeting.

------
beoba
Original link <http://vimeo.com/11303353>

"BlackHat Europe 2010 - Changing Threats To Privacy From TIA to Google"

~~~
dguido
The original-original source is here: [https://media.blackhat.com/bh-
eu-10/video/Marlinspike/BlackH...](https://media.blackhat.com/bh-
eu-10/video/Marlinspike/BlackHat-EU-2010-Marlinspike-Threats-to-Privacy.m4v)

------
Phantom
I absolutely agree with the talk! Google is the new Microsoft :) and Facebook
is the new Google and will also become the next Microsoft very soon.

What Google is doing is actually monitoring every aspect of our online life!
Really worrisome!

~~~
Tyrant505
And Facebook isn't? How about big hungry corps come in different sizes and
shapes but are still big hungry corps.

------
Charuru
Google is not a surveillance company. It's an AI company with a rapacious
appetite for data so that it can learn about the world and make better
decisions.

------
pc-pro-schools
It bothers me I can't watch the person talking ^.^

------
yanw
FUD.

Not Google nor even Facebook are privacy’s real threats, they are just easy
targets.

There is a fine line - it would seem - between a security expert and an
alarmist. That line is getting crossed more often as of late seeing as
spreading FUD is their marketing strategy.

Yes privacy is important but some people are loosing all prospective in
advocating for it, and in doing so are entrenching on other rights mainly
freedom of speech.

Relevant: [http://gigaom.com/2011/02/17/jarvis-publicness-needs-its-
adv...](http://gigaom.com/2011/02/17/jarvis-publicness-needs-its-advocates-
just-like-privacy/)

~~~
moxie
I'm curious to know what you think privacy's real threats are, then?

I had two motivations in giving this talk. One was to explore the shift in
where data accumulates and is collected on the internet. The other was to
explore the concept of "choice," in terms of how these technologies are
subsequently presented to us.

Given the events of the past year, along with the CALEA II conversations that
have recently begun in DC, it doesn't seem particularly alarmist to start
having a conversation about these things.

I'm not sure whether you watched the talk or not, but my premise isn't that
everyone should stop using Google or Facebook, as you seem to assume. Because
I don't actually believe that's even possible. Or at least, that it's not a
simple choice.

~~~
chwahoo
I found your talk to be one of the more pragmatic takes on current challenges
to privacy that I've heard for precisely this reason. While people can and
sometimes do choose to opt-out, I've never been personally comfortable with
the high costs of doing so. It's a neat research agenda to start from that
observation and try to mitigate the cost to privacy.

