Hacker News new | ask | show | jobs
by bingidingi 1834 days ago
Doesn't really matter what you expect, they're collecting the data and there's no evidence that they aren't using it to track... so we have to assume they do. Remember they were going as far as collecting data from people's networks using their Google Maps wifi-sniffing vehicles before they were caught.
1 comments
extra88 1834 days ago
> we have to assume they do

No we don't.

> collecting data from people's networks using their Google Maps wifi-sniffing vehicles

That was an error due to misconfiguration, failing to discard the data beyond that which identified the network for location mapping.

link
josefx 1834 days ago
First link[1] I found says otherwise, unless you consider having a plan to collect and analyze email, phone numbers and other information from the payload data and having internal reviews of the code intended to do just that to be a "configuration error"? People really should stop trusting everything known habitual liars / big corporations say.

[1] https://www.wired.com/2012/05/google-wifi-fcc-investigation/

link
extra88 1834 days ago
Thanks, I hadn't seen (or don't recall) those details.

Even that story portrays the payload collection as basically one "rogue" engineer's intention, not a part of a business or project plan. While other engineers accessed the collected payload data later, they may have reasonably assumed that if they had it, someone had ok'd it.

So rather than a coding error, it was an organizational failure to oversee the engineers' work, the FCC's report says as much.

link
josefx 1834 days ago
The problem is that they followed the classic of denying everything they could until evidence against it turned up:

1. we didn't do it

2. we did it by accident in small cases

3. we did it by accident in worse cases

4. we did it intentionally but one guy was responsible

5. we did it but it was just one rouge dev. team

Add to that the unredacted report noting that Google kept delaying and hindering the investigation and it is rather clear that "6. we did it and management was neck deep into it" is more likely than not.

link
bingidingi 1834 days ago
> No we don't.

Seems like basic data security to me. If my credit card number (valuable data) is posted to the dark web I have to assume someone will use it and it's insecure. Google has the data, so they can now use it whenever they decide it's valuable. Until I have evidence that it can't be used, I have to assume it's insecure.

link