

Data Engineer in Google Case Is Identified - author of NetStumbler - hinathan
http://www.nytimes.com/2012/05/01/technology/engineer-in-googles-street-view-is-identified.html

======
hkmurakami
> _On his LinkedIn page, Mr. Milner lists his occupation as “hacker,” and
> under the category called “Specialties,” his entry reads, “I know more than
> I want to about Wi-Fi.”_

I am more than moderately offended/troubled/irked by this excerpt, as it
appears to deliberately depict the engineer as a "hacker" in the sense of
Hollywood culture, rather than "hacker" as we know it in makers' terms.

In the wrong hands, the English language is much more potent and destructive
than any programming language. An English Specialist can often cause more harm
than _a Wi-Fi Specialist_.

~~~
untog
I've long thought that trying to adopt "hacker" as a professional term was a
bad idea. I told friends that I was going to a government hackathon once, and
they thought I was going to be arrested.

Why do we have to be hackers? What was wrong with being developers?

~~~
jlawer
Because society took both hacker and developer and changed their meaning.

Hackers became criminals and developers were Javabean coding wage slaves...
given a choice criminal sounds cooler then wage slave.

~~~
untog
_Because society took both hacker and developer and changed their meaning._

But the article (and my anecdotal experiences) are proof that this hasn't
actually happened. We decided to call ourselves 'hackers', but society as a
whole doesn't.

 _given a choice criminal sounds cooler then wage slave._

I think that's my main problem with "hacker". It's an attempt to be cool.

------
branola
_Depicting his actions as the work of a rogue “requires putting a lot of dots
together,” Mr. Milner said enigmatically Sunday before insisting again he had
no comment._

It doesn't sound particularly enigmatic to me. It seems like Milner is clearly
saying that Google deliberately misrepresented his behavior as a rogue action
to facilitate their legal self-protection when in fact it's obvious from their
choice of the author of NetStumbler to work on Street View that his designated
role was likely to involve making use of his expertise with Wi-Fi networks.

~~~
jack-r-abbit
Of course they hired a WiFi expert for their WiFi-related project. But that
doesn't mean their claim of rogue behavior is simply self-protection. What if
they hired him for his expertise with Wi-Fi and told him they only wanted to
collect the minimal amount of data but he went rogue and collected ALL the
data anyway? But I'm with those people that think the freely broadcast
unencrypted packets are in the public domain and Google didn't do anything
illegal.

------
jlawer
It feels to me like they were just logging everything for future analysis so
they don't have to come back and do a second pass when they upgrade their
software.

But then again I'm sorry, I have never seen what the big deal was about this.
If you broadcast your crap around you can't blame people for receiving it.

Sure people's passwords may be in the data stream, but they broadcast it over
an open connection. If your going to blame anyone blame the electronics shop
sales guy, the hardware vendor and the TV "experts" that tell people that
using an unencrypted wifi access point is completely reasonable.

~~~
whackberry
> But then again I'm sorry, I have never seen what the big deal was about
> this.

You don't see what the deal is with a major corporation doing wardriving and
packet capturing?

> If you broadcast your crap around you can't blame people for receiving it.

By your logic then if someone gets robbed on the streets, then it's their
fault for "walking around freely"?

~~~
derefr
> By your logic then if someone gets robbed on the streets, then it's their
> fault for "walking around freely"?

Well, to more strictly match the analogy--if someone is walking around with a
purse that is constantly leaking coins, and they get "robbed" (by someone
finding some of said coins and wandering off with them), then I would say that
that _is_ their own fault, yes.

~~~
whackberry
So by your logic simply owning a Wi-Fi access-point at home and not adding
strong cryptography is reason enough for a corporation to drive their car to
your house and capture your data?

So to keep Google away from logging my network data I need a strong virtual
fence now, otherwise they'll come spying on my traffic?

That is 100% wrong. Google shouldn't be snooping on my data at all, not even
if my AP was within their corporate headquarters reach. That is simply not
acceptable behavior from a major corporation.

~~~
magicalist
No, just like photography being allowed in public does not mean that a video
camera is going to be pointed at your house 24 hours a day and you'll be
mandated to like it.

On the other hand, the existence of the paparazzi is not enough to justify
banning the freedom to take pictures in public places.

All of these laws have to be carefully balanced to make sure we retain our
rights.

~~~
whackberry
Sure, but what is the parallel here?

The paparazzi make a living from those photos, so there is a reason for them
to be out there doing that(not saying I agree, just saying there's a reason
for it).

What is Google doing driving around collecting personal data for? Google is a
search engine with several great products around it. WTF are they driving
around collecting data for? See? It doesn't make any sense, this is plain
creepy.

~~~
derefr
...because Google Maps has backup-geolocation through a database of wi-fi
access point ID/GPS-pair mappings, which can only be discovered by exactly
this wardriving process? It's kind of the central point of the story, here.

------
stevenplatt
_The data collection, which took place over three years, was legal because the
information was not encrypted, the F.C.C. ultimately determined._

Interesting how this works. If I went wardriving and collected personal emails
from unencrypted networks, I'd have my house rummaged by FBI agents, be hit
with a 25,000-count felony wiretapping indictment and have some go-getter
federal prosecutor try to convince a judge to sentence me to 7,000 years in
prison. _Then_ an appeals court might say reverse on the grounds that it was
unencrypted. Maybe.

Google does it? A slap on the wrist and a small fine for "obstructing an
investigation."

~~~
kinghajj
That's because the software Google used didn't actively browse the networks to
look for documents, but passively intercepted and logged packets. If they
wrote a program that actually searched the networks for shared folders and
copied information that way, then conceivably they could be guilty of
unauthorized computer access.

~~~
whackberry
> That's because the software Google used didn't actively browse the networks
> to look for documents

Do we know that for a fact? Sorry if well known, genuine question.

~~~
1010011010
When did you stop beating your wife? How do we know for a fact?

~~~
whackberry
> When did you stop beating your wife? How do we know for a fact?

I never was accused of that. Silly response. Google has been accused of
several privacy violations.

------
kevinpet
"The F.C.C. report also had Engineer Doe spelling out his intentions quite
clearly in his initial proposal. Managers of the Street View project said they
never read it."

I think the authors intended this to be read as 'wink wink yeah sure', but
this sounds entirely plausible on both sides. The more detailed the spec is,
the less likely anyone will read it. They probably just forwarded it around
and assumed someone competent to render an opinion would raise a red flag if
anything were not well thought out.

~~~
martey
The issue is that it is not just the initial proposal. As the NYTimes article
points out in the previous paragraph, and the complete FCC report [1] clearly
states, there were additional events after the proposal was submitted where
other members of the Street View team came in contact with the actual code
while doing code review or debugging, but later claimed during interviews with
the FCC that they were unaware that it was collecting data.

On page 15, the report even mentions "Engineer Doe" sending an email to a
manager stating, "You might recall asking me about URLs seen over Wi-Fi...",
and talking about the number of unique URLs retrieved (only 32,000 from 300
million packets). The manager asked if the URLs were sniffed from WiFi
packets, and Doe responded in the affirmative.

[1]: [http://s3.documentcloud.org/documents/351298/fcc-report-
on-g...](http://s3.documentcloud.org/documents/351298/fcc-report-on-googles-
street-view.pdf)

------
drucken
The engineer who created this system is completely irrelevant since the
production implementation of Street View collected all data.

The fault lies _solely_ with Google whether by intent, lack of legal or legal
ethics advice, lack of technical oversight, or management incompetence etc.
This also seems to be the regulator's view.

However, Google itself and, of course, the media are quite happy to muddy the
waters with a bit of "gone rogue" nonsense, though for differing reasons.

------
beder
> On his LinkedIn page, Mr. Milner lists his occupation as “hacker,” and under
> the category called “Specialties,” his entry reads, “I know more than I want
> to about Wi-Fi.”

While I don't know for sure which use of the word "hacker" Milner intends, the
author of this article ought to have added a line like, "Software engineers
use the word 'hacker' in a positive, non-malicious sense...", since this is
effectively taking his words out of context.

~~~
elliotanderson
Same can be said for knowing too much. I know way too much about PHP, doesn't
mean that there is anything malicious about it

------
epochwolf
What is the point in publicly naming an the engineer in this case? How does
this benefit the public good?

~~~
whackberry
> What is the point in publicly naming an the engineer in this case? How does
> this benefit the public good?

The public has the right to know. Otherwise, who decides what should be public
or not, the ministry of big brother?

~~~
ok_craig
The public doesn't have the right to know, since no law was broken. The
engineer was identified by a "former state investigator [who] spoke on the
condition that he not be identified because he was not authorized to speak."

~~~
whackberry
> no law was broken.

We don't know that yet, do we?

~~~
ok_craig
Yes we do, it's in the second paragraph of the article.

"The F.C.C. recently closed its 17-month inquiry into the project, Street
View, with a finding that Google broke no laws but had obstructed its
investigation."

Even if we didn't, that's also a reason for not disclosing this person's
identity: innocent until proven guilty.

~~~
whackberry
Fair point, I stand corrected.

