I don't really get this, the implication is the container becomes more secure without access to the socket, yet it has access to the hundreds of local kernel APIs with which on the average month it can easily gain higher privileges than root, especially on contemporary machines where half the admins around these days don't even know what a security update looks like
Because they're looking for new revenue streams outside of the Google agreement, which stops paying out quite soon. It's a pretty slippery slope, but I don't mind the tradeoff they're making in this case.
Certainly beats them taking Adobe money (or cash equivalents) to bundle Flash, which is exactly what Chrome does (faster security updates blah blah yes I know, but a better extension update mechanism could work just as well)
They probably have rights to the project under the respective contracts they have with the employees. That aside, having "<new project> by ((Google(|rs))|<$big_corp>)" in the title has generally been a reliable filter for projects that do not stand on their own merit, and this one seems to be no exception.
My inner paranoid finds this interesting from the perspective of Google entering yet another domain where they have high accuracy data on the present/future whereabouts and private concerns of a large number of people.. add it to the hundred other properties they maintain that appear to have no direct business value other than capturing masses of sensitive data that was previously nicely decentralized and private.
Can't book a flight (ITA), order a taxi (this), book a hotel or chat with a friend (Gmail), or pay for dinner (Wallet) without generating an activity log with a single company.
Even if (and perhaps even probably) Google weren't doing this intentionally, they've already demonstrated through failing to encrypt their inter-DC connections how they're becoming a massive single point of failure (remember Snowden showed us the NSA were tapping Google's internal network already). Whether the end result is an intelligence service tap, or some legislative measure affecting the company done in the open, I'll simply never be comfortable with one company concentrating so much personal data affecting so many people.
More seriously though (HN can't take a joke), what is the real concern here? NSA can't 100% trust the data they collect and it certainly can't be used in any court because plausible deniability (and past, known-fabrications/parallel-construction) will always trump whatever records or logs are produced.
Excessive. You can call an airline, hotel or taxi company directly, text your friends or pay for dinner with cash. Your inner paranoid is drawn to the convenience of the services that google offers. If you don't want one company to have a lot of information about you, then don't use that company for everything.
Google loves data. But generally in the aggregate, not the personal. I've yet to see anything even remotely creepy of any kind from google advertising. "Hey karmacondon, we saw that you recently booked a trip to las vegas, took a self-driving cab to the Bunny Ranch and used your Google Wallet to pay for two hours with someone named 'Bubbles'. Can we interest you in some anti-itch creme?". That kind of personal intrusion just doesn't match anything I've seen from Google, and until that day comes I'm willing to give them the benefit of the doubt.
MasterCard and Visa know more about you than Google ever will. You can't book a flight or check into a hotel without using a credit card, which is directly attached to your name and is trivially subpoenable. If you're really worried, there are ways to live a cash only existence, but it isn't easy. Some level of trust is required to live in modern society. It's good to be skeptical, but it always comes down to the level of inconvenience you're willing to trade for privacy.
>MasterCard and Visa know more about you than Google ever will
Google has knowledge of routes which you take to work everyday. Friends you are close with. Online services you are using. And you want them to have it. You don't want (atleast intentionally) MC/Visa to have that kind of knowledge about you.
I wonder if eventually NSA will get massive layoffs because much of what they'd do would be redundant, and for 80 percent of the stuff they want they could just ask/hack Google. The other 20 percent employees will remain for users of Google competitors and more targeted spying. So essentially 80 percent of NSA's "intelligence" would be outsourced to Google (for free).
Nope. The fact that they have to be a bit fuzzy with their accounting to cover up the interesting programs means it is near impossible to tell who is sitting idle and useless, and who is super critical but on a project that intentionally is described as idle and useless.
> This is Google's core business. And I don't consider the NSA more creepy than Google's other customers.
Google's core business is keeping personal data and using it to target ads that advertisers pay Google to show, not providing that personal data to paying customers. Selling the data would be giving away the prime competitive edge Google has, which lies in selling services (primarily advertising) where Google has a competitive edge because of its unique access to the data.
So, unless the NSA wants Google to show you ads rather than wanting detailed information on you, what they would be looking for would not be what Google's core business involves selling.
i assume you've read the recent article by nafeez ahmed from vice, etc, about how google's search algorithms were funded via the NSF/CIA/NSA for 2 years before google ever existed and that sergey reported to someone working for the CIA's ORD for that period.
It's possible.. they dropped their hugely incomplete Google Wave rotten egg on the public only a day before Microsoft announced MSN's Bing rebranding. Various project domains (waveprotocol.org) were only registered 2 weeks prior. Wave seemed like a weird and frivolous product until you look at it from this angle, at which point distraction seems like it could have been the only reason it was released.