I mean, when Greenwald/Snowden/Guardian released the original PRISM accusations, these slides would have provided a much much more important set of evidence, instead of months of speculation and parsing of meanings of "backdoor", "frontdoor", "side door", in the corporate communications of the tech companies who were struggling to say "we've never heard of PRISM, da fuq is this shit?"
Is the slow dripping out of these slides because they are trying to be responsible in not releasing stuff that is too damaging (e.g. not trying to be a Bradley Manning dump), or is it to preserve traffic by keeping the click-gravy-train going?
In a weird way, it actually motivates them to tell the "whole truth" because they don't know what documents will be released later so they don't know what lies to tell.
They didn't do their due diligence in encrypting data going through leased fibers -- they should have had the foresight to realize what a phenomenally bad thing this was. They didn't, hence why I'll never trust them again.
Let's say that they encrypted everything, and then you learn the NSA had kidnapped the children of one of their network engineers and forced him to turn over some keys. Again, whose brand deserves to be damaged here, the company, or the immoral nation state with vast military industrial resources at its disposal?
Why do I sometimes get the feeling that people specifically want to hate on these companies when the real outrage should be for the government spooks.
Kidnapped their children? Get a hold of yourself here. Google is a tech company, it is a perfectly reasonable expectation that they get the big parts of their security model right. Not encrypting data going through leased (or even their own) fibers? Big, big mistake. NSA and US government aside, Google dropped the ball big-time here.
> Why do I sometimes get the feeling that people specifically want to hate on these companies when the real outrage should be for the government spooks.
Funny you say that. Because I was pretty much a Google fanboy before all of this happened (oh, and their recent changes wrt privacy policies). I am very angry at the government, but that is a separate issue.
My point is, I don't want Silicon Valley in an arms race with the US government. The government is supposed to protect its citizens and companies, not work to undermine them. Google is working on rolling out better security, just like they eventually rolled out SSL everywhere before most other companies. They are at the forefront on this, but it still takes time and costs money. But even though they are spending time and resources on this, I would still like the US government to cut it out.
At the end of the day, Google lost. To a considerable extent, cloud lost. People who were trusting Google with their data lost. What is ostensibly true at this point is that Google could have done something to have prevented this. All else is immaterial. Just like I would expect to lose business if I made a mistake and had data compromised (because doing X and Y was too difficult or too costly for me to do, because it was 'outside' my control, because I was too inept, or whatever else), Google should expect to lose some business the same way. If security is based on a threat model -- and it eventually loses, it was bad security.
There's no "if" about it. All security is based on threat model, the lock on your front door is based on the threat of the average criminal, and not Watergate burglars. Are you guilty of bad security? Is it your fault if your front door lock gets picked because you made assumptions about the sophistication of your attacker?
You originally said "I'll never trust them again", but that begs the question, just who will you trust? Unless you are using end-to-end encryption with everyone, there is no way to secure against NSA interception, and pretty much all of Google's cloud competitors are actually worse in terms of deployed security. And assuming end-to-end is secure is basically just assuming a threat model where the NSA or Chinese government can't plant infected firmware or hardware in your devices.
Google is a company that's been leading the way to get everyone on the cloud. It turns out what it's also been doing is making mass surveillance massively easy due to poor security practices. One individual having bad locks is not analogous to what is at play here. You keep suggesting that Google should get a free pass because the adversary in this case was too sophisticated of a player: no, that does not matter, that is an excuse. Don't give me excuses. Google makes billions, it should simply have done a better job. Your earlier post took issue with Google's brand being tarnished unfairly, this is what I'm talking about to you right now, so the question of just 'who' I will trust is not very relevant.
To answer your question anyway: basically I'm going to pull away from the cloud as much as I can. No more google apps for me, no more gmail, no more anything where I end up putting my personal data or my clients' data anywhere but on my dedicated servers -- and using end-to-end encryption when any data needs to travel out. That does not remove the possibility of getting compromised, it just mitigates it.
>no more anything where I end up putting my personal data or my clients' data anywhere but on my dedicated servers
The probability that your servers would be compromised by actual damaging threats (hackers, malware, viruses, botnets) is far higher than that of Google, so I hope if your servers get hacked, you will similarly berate yourself and not make excuses that you should have done better and spent 10x more on security than you are now. How many actual penetrations have occurred of Google infrastructure where thieves (not government) made off with actual information that they'd put to damaging use, vs that of other smaller hosts? Everything you do has tradeoffs.
You keep making hand wave arguments about what Google could have or should have done, again, totally points about the threat models and historical context. When this program started, by some accounts in 2007, the vast majority of Web traffic wasn't even secured by HTTPS, no one was using channel-ID or forward security, and the majority of SMTP traffic was not protected by TLS. In fact, even today, only 50% of email traffic is TLS protected. In 2007, fewer Google services were probably multi-datacenter replicated as well. Encrypting the dark fiber would have been useless back then when the front door was left unlocked.
So, let's try to imagine a hypothetical conversation of some security engineers when new data centers got set up for replication:
Engineer #1: Dude, we should encrypt traffic on our inter-DC traffic.
Engineer #2: It's a buried dark fiber.
Engineer #1: Yeah, but the NSA could dig it up and tap it.
Engineer #2: That's illegal, and besides, it's a theoretical threat. We have a bigger practical threat, right now, anyone could just tap all front-end traffic, because most incoming user traffic is not HTTPS.
Engineer #1: You're right, let's get everyone on HTTPS first. Let's upgrade browsers, and Chrome, with better cipher suites. Let's add Channel-ID. Let's try to get SMTP users to use TLS.
The point isn't about excuses, it's about understanding at each point in time, what the weakest link in the chain is. The NSA taps of your email traffic might be worrisome, but the reality is, the Russians slurping up your credit cards, passwords, and doing MITM's to install botnets have far greater, actual practical damaging effects on you and your customers.
In an ideal world, everything would be secured against all possible attacks from day one, but internet infrastructure is rarely ideal. I started on the internet in the 80s in an era with zero encryption and where many services didn't even have passwords. We have gradually made things more and more secure, but getting there is going to take time. It's unfortunate that Google's efforts to secure its fiber didn't happen a few years earlier, but if they did happen a few years earlier, it wouldn't have made a difference, because upstream attacks were far more effective back then.
Sentences like that have no place on HN.
> Kidnapped their children? Get a hold of yourself here.
It's supposed to be an extreme example. He's trying to probe your boundaries -- if you'd forgive them in the kidnapping example, he could then name a somewhat less extreme example, like if the CIA had broken into a Googler's home to plant a recording device.
But, since you totally dodged the question, the opportunity was missed.
Apparently even tapping undersea cables is not as challenging as some think, according to Kapela: http://motherboard.vice.com/blog/undersea-cable-surveillance...
Because they promote themselves as tech-based companies, yet abdicated their professional duty to design secure systems because insecurity makes for easier monetization.
You would very much blame a car manufacturer when it turned out that all of its cars were keyed the same.
Pretty much all regular door locks on the majority of homes in the US are pickable. Have you installed an unpickable lock on your home?
Given what we currently know about the human mind and how people react to news I expect this to be the future way of releasing highly critical information.
Don't we expect our investigative journalists, to well, actually investigate things, instead of rushing to print?
For example, there was a famous slide showing when each company "joined the PRISM program", but the actual slide merely says "Dates when PRISM collection started for each provider". The reporter inserted the terminology "joined" which implies a partnership that didn't exist.
What these revelations reveal is that the NSA supplemented the data they got on a case-by-case basis through NSLs by outside-the-datacenter fiber taps of traffic, as well as upstream unencrypted HTTP and SMTP/IMAP traffic.
Which still does not contradict the original speculation that Google provided bulk data for PRISM. We do not yet know enough of all the stories as to judge who spied or helped to spy on us to what extent. There are too many lies, too many secrets and far too little liability out there to let the big companies off the hook yet.
In other words, NSA used court orders to access data with the knowledge (but gagging) of the companies (PRISM), while at the same time also hacking into the companies to access data without their knowledge (MUSCULAR). These things were both true.
The "taps foreign heads of state" et al. really drew blood, e.g. DiFi shocked the intelligence community by doing a public about-face.
Presumably because monitoring us proles is just fine with her, but other members of the international elite? That's beyond the pale, and I don't assume her call for a "top-to-bottom review of U.S. spy programs" is to do anything more than find out other such elite embarrassments.
BUT, to the extent the above is not true, or is making this Total Surveillance State toxic, now's a good time to drop this tidbit.
Of course the cynical view that they held on to it to make some ad-money is not altogether wrong either, just unlikely to be accurate.
If that were their intent, I would expect them to release slightly faster, at least one significant document per week.