by Systemic33 4620 days ago
Seems like it's just a straight up competitor to Cloudflare. There doesn't appear to be any direct revenue gain from this, maybe this is more of a mafia protection kinda thing (as in protecting its interests, the websites hosting its ads).

Does anyone know what it takes to mitigate DDoS, at this kind of scale?


I see big time indirect revenue - with all of a site's actions/users moving through Google, they can gather way more (potentially private) information about a user - all the better to sell targeted ads on. Call me cynical, but that was the first thing I thought of when I saw this.

> Call me cynical

Cynicism is warranted when it comes to Google. The fact that they gave NSA direct access to their systems; the fact that their Street View cars collected personal information through wi-fi networks, etc. means that "Don't be evil" is just a facade.

Wi-fi networks aren't private, you can stop a "broadcast" of the SSID, otherwise you "broadcast" it (publicly).

It's the equivalent of the Streetview car capturing 'public property', if you want 'privacy', put up a big fence and don't broadcast your SSID.

As for the NSA issue, I'm not going to defend Google too much there, but you've seen what happens to providers who didn't comply... I would put that down to more a 'The US govt is pretty hostile to privacy' more than "Google is evil".

On the scale of 'evil shit' happening in the world, Google collecting my Wifi network name ranks about similarly to 'jaywalking'...

They didn't just collect wi-fi names, they also collected other forms of data, some of which could be considered private. http://www.wired.com/threatlevel/2013/09/googles-wifi-wireta...
Please provide a source for your "fact" that Google "gave NSA direct access to their systems"

As opposed to the multiple vehement denials of that "fact" from Google's executive officers (see David Drummond's interview in The Guardian, for example)

Here's a Snowden video in which he explains it (scroll to the bottom of the article): http://politiken.dk/udland/ECE2108923/usas-spioner-overvaage...
There's Snowden flapping his lips, yes. No argument there. The problem is he's wrong and has presented no compelling evidence at all.

The other problem is your worldview is not falsifiable. Everything Snowden says is true to you and everything Google says is false because Snowden said they would lie about it.

I guess the main issue is that the timeline of events has gone like this:

Snowden/Guardian: NSA is doing X

Govt/NSA: We are not doing X

Snowden/Guardian: Here are some slide/proof

Govt/NSA: Ok we are doing X, but it's for your own good.

Rinse and repeat each fortnight.

So each denial means less and less, and tips believability towards Snowden even where the proof is inconclusive in some cases.

> The problem is he's wrong and has presented no compelling evidence at all.

The Guardian and every other major news outlet seemed to think his evidence was compelling.

Yeah I mean all those people who were broadcasting unencrypted information loud and clear to literally any device that receives wi-fi packets in the immediate vicinity, they have no culpability in this whatsoever!
Using your argument I could say that if you leave your laptop unattended, it's my right to steal it.

The people who left their wi-fi open didn't do it on purpose, and didn't want Google to access their information.

Copying isn't the same as stealing.
This brings up an interesting point.

When referring to "content," (TV, movies, music) it is common for people on HN and Reddit to refer to digital information as something that should be freely exchanged, that ownership is a meaningless concept in a world where creating a copy of something is essentially free. It is common for those who seek to lock down or restrict access to digital information in the form of entertainment media to be referred to as "dinosaurs" who are desperately clinging to an outdated business model and refusing to move into the modern age of free and ubiquitous data sharing.

Then, of course, there is the idea that online privacy is a fundamental right, and that guarding our personal information from both nation-states and corporate interests is of the utmost importance. In this context, those who seek free access to digital information are cast as villains and reviled for using modern technology in a way that doesn't fit with our classical understanding of privacy rights.

I understand that there are multiple people on HN and Reddit and they don't think as one, but I think it's fair to say that both of these opinions fall on the same side of the political spectrum.

I wonder if there's a contradiction here? There's clearly a difference between downloading Game of Thrones episodes and reading everyone's e-mail. But is it a qualitative difference or a quantitative one?

In terms of personal information, it's a lot closer to stealing than copying. Consider the harmful effects of someone having your account login information or personally identifiable information (government ID number, etc).
Yea, so when you give a restaurant server your credit card and they copy all the details off it to use later, it's a) your fault and b) not wrong anyway?
Private citizens don't have IT staff, so their security is often unaudited. The law considers authorized access via a vulnerability to be similar, conceptually, to trespassing.
Except it's not a vulnerability in the normal sense. It's the functional equivalent of playing a private recording with your speakers turned to maximum and the windows open - just in the EM spectrum.

I'm not contending that using that information wouldn't be a crime, but accidentally collecting it certainly should be held to a different standard.

Wow, Google is trying to provide DDoS protection and you figure it must be evil.

Can you think of one thing Google could do for you to think that they are not evil?

Yeah, how about fighting for users' privacy rights and sparking an inevitable years-long court battle all the way to the Supreme Court and not taking NSA's bullshit? They have the funds to do so. They're possibly the only company that could stand up to the government in addition to banging enough pots and pans simply by putting up something on their homepage to alert users as to what they're fighting for.

But they won't. Continued and uninterrupted profits are too important.

They do to an extent they can. They fight for more transparency (http://gigaom.com/2013/08/22/google-and-microsofts-plea-on-n...) and fund organizations such as EFF.

You have to understand how US law works. If you are not an injured party, you can't sue the government for it. In other words, Google cannot sue the government for the injury government is causing to you. What they can do, however, is claim an 'injury' on First Amendment grounds, reasoning that their free speech is limited when they cannot disclose that John Doe is being surveilled (and thus John Doe is being injured). They do that with the hope that with transparency John Doe will have the information necessary to sue the government.

Yahoo! did try to fight. If they can attempt, I'm sure Google could put up an even bigger fight. Not to mention they have money for lobbying in Congress.
Their obligation to their shareholders actually means that their uninterrupted profits are too important.
Google's share structure[1] means this isn't actually the case at all.

[1] http://business.financialpost.com/2012/04/13/new-google-stoc...

That was my impression too.

The simplest way to mitigate a DDOS is to just have way more resources than your attacker. If you're getting hit with 10Gbps, and your site can handle 100Gbps, you're not going to go down. Google obviously has plenty of capacity.

On top of that there are filtering technologies that can block obviously fake traffic or well-known signatures like the LOIC.

The most sophisticated attacks occur at the application level. A Google service would not be able to help configure your install of Wordpress to resist this. But they could probably serve a static cache of your site. Interactive features like login or search would not work though.

Cloudflare does all of these things and more.

The way I read this, Google would not charge for this service. They would select "worthwhile" sites to protect out of the goodness of their heart.

The cynical take is that it is a PR project to help repair their "defenders of the Internet" brand. They built it up with SOPA, but it's been damaged by PRISM.

Did you seriously just accuse Google of "a mafia protection kinda thing"? Seriously?
I'm assuming the OP was referring to a protection racket: http://en.wikipedia.org/wiki/Protection_racket

>A protection racket is an operation where criminals provide protection to persons and properties, settle disputes and enforce contracts in markets where the police and judicial system cannot be relied upon.

Of course, Google isn't threatening anyone with DDoS (even assuming that they somehow make money off you).

Otherwise though, it's somewhat of an interesting analogy. This is a form of protection (of online property). And you can't really rely on the police to protect you from DDoS. I suppose it would be more reasonable to just compare it to a security firm though.

> I suppose it would be more reasonable to just compare it to a security firm though.

That's why the analogy is not interesting; the use of "mafia" is silly because it implies there's some criminal element to Google's intentions. For example, here's the opening line of that Wikipedia page:

> A protection racket is a scheme whereby a criminal group provides protection to businesses through violence outside the sanction of the law.

The only word this has in common with what Google is doing is "protection". The analogy captures nothing useful that "hiring a security guard" doesn't. But it also captures a whole universe of other implications that are entirely unwarranted and laughably unfair. It's a terrible analogy.

"You're just like a mafia don in that you also drive a car."

I should disclaim that I don't think the offering is above suspicion and criticism, just that the comparison to a protection racket is absurd.

Thanks for clarifying, that's exactly what I meant.
> There doesn't appear to be any direct revenue gain from this, maybe this is more of a mafia protection kinda thing (as in protecting its interests, the websites hosting its ads).

What? These websites are unlikely to be hosting their ads ("election sites" is one of the examples ffs). It's free while they're beta testing it with humanitarian/similar websites, it may be a driver for people to pay for the Page Speed service in the future when they roll it out to more people although they say they'd like to keep it free for non-profits.

All of which you'd know if you'd read the site rather than making ludicrous comparisons to the mafia.