by jacquesm 5759 days ago
Access to the low level storage stack would not allow you to query with so much detail and would likely not have an interface that would allow you to modify user settings at will. So he must have used some higher level tools.
2 comments

Well it depends.

For example, if an application uses Bigtable, then the key + column names often give a lot of information about what data is stored there, which if somebody had access to some basic application data they might be able to get at somebody's specific data.

However, as you might expect, there are many safeguards in place, including ensuring every action is fully and securely authenticated, so even low-level SREs cannot read application data without a paper trail. This story is pretty surprising to me, and if true, this guy is an idiot.

Depends how subversive he was trying to be, I guess. I was thinking more around the query layer for Bigtable etc. He probably would have known the stack top to bottom.

I am not sure this is a 'solvable' problem. You can mitigate by always working in pairs. But even that just reduces the potential for privacy breaches.