Is your Wi-Fi unprotected? Google probably stole your data.
May 16, 2010 36
Email article | Print article 
Privacy, privacy, privacy; it seems all like everyone is talking about nowadays is privacy. And why shouldn’t we be – no one likes the idea of big brother watching every move we make on the internet or having some psychopath be able to find us by simply typing our name in a search engine. One of the most notorious firms centered around privacy issues is Google. (After all, Google’s core business is derived from advertising and advertising depends on being able to quantify users’ surfing habits; advertisements may be a necessary evil to fund websites, but they are an evil nonetheless in my humble opinion.) So, why am I not surprised to learn about Google’s “recent blunder” of collecting private data from unprotected Wi-Fi connections?
Google provides a service called Street View which basically is a service that allows users to view images of places from all around the world. (Google collects these pictures for Street View via their Street View cars which go around and snap pictures and such.) Recently, after complaints of privacy issues related to Google’s Street View cars taking pictures of anything and everything, the German government audited the data that Google collects via Street View cars. Thanks to this audit it has been revealed Google’s Street View cars have “been mistakenly collecting samples of payload data from open networks”. In other words, if you have an unprotected/unencrypted Wi-Fi connection, Google’s Street View cars may have collected your private data, such as “parts of an email, text, photograph, or even the website someone may be viewing”. To add icing on the cake, this has been going on for three years.
Google claims that the problem can be attributed to experimental Wi-Fi code written by an engineer back in 2006; this experimental code was “mistakenly” included in the software that Street View cars use and “as soon as Google found out” they “grounded [the] Street View cars and segregated the data on [their] network, which [they] then disconnected to make it inaccessible”.
Personally, I don’t know about everyone else, but I am not buying the “oh it was a mistake, we didn’t know what was going on” excuse. How in the world can you “mistakenly” collect data for three years and not even know it? If it was a bug of some sort, I would understand; however, we are talking about real data – someone had to process the data being collected by the Street View cars, someone had to know what was going on.
Google, don’t make the same mistakes Facebook is doing about privacy or I may just start using Bing. (…Okay, probably not.) (Ignore the fact that the issue mentioned in this post has nothing to do with Google’s search engine services – it is the principle of the issue that matters!)
Oh, and moral of the story? Protect/encrypt your Wi-Fi! By protect/encrypt I mean set a password to it, preferably using WPA2, but even WEP is better than no protection at all. (Go to your router settings to access these features.)
[via BBC News]
Feel free to flame Google in the comments below.
Huh. Well, I always have encryption on my router, so I’m not worried, but this is too far. Wonder what they’re doing with all that data…
@Gvape: Well according to the official Google blog they “never used that data in any Google products”. Take from that what you will.
Seriously though, if you don’t have an encrypted wifi network and you knew about security, you totally deserved it. At least it was a corporation, not a hacker.
@Locutus: Actually I bet hackers beat the corporations by a decade =P… we just don’t know it officially.
@Ashraf: Exactly. XD
I know someone that goes around my neighborhood and tries to find free (unencrypted) wireless connections to connect to with his iPod.
@secret2008: Everyone does that.
I live in a large metropolitan area – it endlessly surprises me how many times I’ve encountered unprotected networks. I occasionally update my best friend’s netbook at her house, thanks to an unknown neighbor’s wifi. (I prefer to do it for her here, however, the signal’s much better!) I sometimes wonder if users in smaller towns and remote locations even think of securing their networks.
As to Google, it’s still not clear to me exactly what form the collected data took. Discrete information streams or random data packets? We’ll probably never know. Unless, of course, we ask the friendly neighborhood hackers! 8-)
@secret2008: Would that be me?
Well, as you should know very well, hackers can easily crack any Wi-Fi connection no matter if (WPA) protected or unprotected….so it’s not just GOOGLE that can steal your sensitive data online and having a protected Wi-Fi connection can only minimize your damages…treble sigh!!
And anyway, if I were you I would be much worried for these irrefutable facts:
http://www.criminaljusticeusa.com/blog/2009/25-surprising-things-that-google-knows-about-you/
http://mashable.com/2007/07/07/google-vs-everyone/
http://www.prisonplanet.com/articles/december2006/061206seedmoney.htm
As for Wi-Fi unprotected connnections there is actually an easy (FREE) solution to avoid being “tapped” by GOOGLE or bloody hackers out there…LOL!!
In fact, if you are worried to keep your privacy and sensitive data from hackers or from GOOGLE when accessing free public Wi-Fi hotspots, well I recommend you use HOTSPOT SHIELD 1.37 :
. Secure your web session with HTTPS encryption.
· Hide your IP address for your privacy online.
· Access all content privately without censorship; bypass firewalls.
· Protect yourself from snoopers at Wi-Fi hotspots, hotels, airports, corporate offices and ISP hubs.
· Works on wireless and wired connections alike.
· Secure your data & personal information online.
http://www.softsea.com/review/Hotspot-Shield.html
http://www.softpedia.com/get/Security/Security-Related/Hotspot-Shield.shtml
Enjoy yourself and say goodbye to GOOGLE’s fu@kin online spying activity.
@Locutus: Ya’ know, I understand your comments as to people who don’t have network security set, but:
I’m a moderately intelligent person and I tinker around with software. But I just feel stymied by networks. Numerous settings, much of which is not really explained (heck, my router didn’t even come with a manual explaining its operation and settings), significant complexity, multiple standards, conflicting (and often inadequate) advice including from ISPs/DSL providers, and continual issues and complications.
And this is from someone who likes technology. Could my parents (also intelligent people, but from a pre-computer generation) deal with a network? No way. And if, by any chance, they had one, I could understand why no security was set.
I understand that some few routers nowadays truly are plug-and-play. Exactly what is needed, in the face of this complexity. People just can’t keep pace with the complications of the technology, and should not be expected to do so, realistically. My landline telephone doesn’t ask or require me to figure out how it works …
@Mike: I agree with your statement. Furthermore there’s a lack of awareness when it comes to network security ( home user end ). I do on-site repairs and you won’t believe how many of these folks have their networks wide open. It’s all about hooking up and go.
I also find unencrypted Wifi to use when I can’t find free public ones. Seriously, I think you should encrypt your Wifi, but Google would probably have much more data about you already via your Mail, Chat, etc.
Is just having a password good enough? Any advice on what more to do & how to do it??? Doesn’t sound like it would be enough, now that I read the above.
I tried telling my sister I thought Google probably saves all your Gmail for less than honest reasons, but she shined me on, totally trusting Google. That’s the biggest problem in the USA today- people just totally trusting the government & places like Google. Gees, even fairy-tales aren’t that trusting.
*
In case they happen to check comments about them: Shame on you, Google! You recorded personal things from people’s WiFi connection, by using your wonderful Street View cars? Of course we don’t believe you did it by accident. It baffles me why you’d think we would believe that silly story. A 1st grader wouldn’t believe that. OK, maybe my sister would believe you. But most won’t. And I’m sad you used the Street Views cars like that, as that could ruin a great thing! I love Street View! PLEASE let us trust Street View again!
Ya know..I sure wonder why they admitted to it now. Maybe someone “squeeled”? Is Google as big as oil companies & all the others who get by with so much bad stuff anymore? We built them up, so I suppose we could boycott them if it gets any worse.
Does ‘your private data’ include information transmitted through secure sites (such as bank account numbers, credit card numbers, etc)? If not, then I don’t see that Google was getting anything they wouldn’t normally have. If you’re using their search engines, they know what websites you visit (that is, after all, the basis of the new, more personalised search). If you use g-mail, they’ve got text, photographs, and anything else you’ve sent, and they already have enough data to sell your e-mail address and the websites you visit to spammers, if they wanted to.
*If* they were collecting secure information, and *if* they were getting it in a form that would allow them to put together name, address, phone number, and websites visited, then they would have something they could sell to advertisers, and that would definitely be a bad, bad thing.
When you think about it, there are plenty of sites that have far more personal data – Paypal and Amazon come to mind. I worry a lot more about the possibility of these sites getting hacked than what they are selling to advertisers. The difference between them (and Google) and Facebook is that Facebook makes very personal information information available to *everyone*, including the hackers, stalkers and spammers.
@Skye-hook: You asked..”Ya know..I sure wonder why they admitted to it now. Maybe someone “squeeled”? …
The German government discovered the data conducting an audit of the data collected by the cars. The German government allows its citizens to “opt out” having their property displayed on Street View. Unlike the USA, Europe believes that individuals can decide what to do with their personal info, not the corporation that collects it.
This is EXACTLY why I would never take wi-fi (or satellite). It has always seemed to me that data sent over internet connections that used open air instead of cables (telephone lines) were even less secure than dial-up or dsl.
Hey I love Google but I didn’t know they did this! I’m not worried though, my routers always have security.(because annoying neighbors steal my bandwidth when I don’t) :)
Interesting. But not surprised they would do this.
@Giovanni (smart King of Freebie…LOL!): WPA2 hasn’t been cracked yet. :D
(Bold is stuck “on” for some reason…)
Well, theoretically, I hold rights to my personal documents and pictures. Now, I have a protected WiFi (WPA2), but I don’t authorize Google to collect my documents. Someone should prosecute Google over this.
BTW, I use Bing because I hate Google’s privacy policy.
@susan zelenevitz: It’s only wired from your end. The wires you have connected don’t wrap around the world connecting to every single place you visit online or connect to.
At some point the information is sent and received via towers and satellites around the world….which are all wireless.
@Mike: I am totally with you on this one. I can’t even figure out how to set up my network with the wireless gadget I bought and stuck into the USB port of the computer not attached to the ethernet cable. I got the router working (because it works if I take another ethernet cable and attach it to the router and the main computer to the one far away - but I didn’t want the cable dragging around the house), but have no idea what my WEP is and so I can’t set up the internet network. I used to be able to write software (before the brain injury) - but I have ALWAYS been stumped by hardware – and the coma didn’t help – still – if I can figure it out this far, and no further, I KNOW there are people who couldn’t do it.
I can’t understand TV anymore either – HDTV, LED, Plasma, HDMI, etc… it makes no sense….yet the kid with acne rattled them all off as if I should know it! While our generation tries to keep up with technology, some of it is simply “too much”. My mom won’t even update her computer and I know a RN (and she’s even also a lawyer- very intelligent) who never figured it out and she ends up having to get a new one every 2-3 yrs – unless I defrag, update (I now have it set to automatice, since she couldn’t understand if she needed certain “optionals”), & run a free adware (she hasn’t purchased anything to do this), etc…
Heck – I even read this blog to get a better idea of what’s going on in this area!!
So, Locutus, PLEASE, have some compassion on us! lol Afterall, as a RN, I didn’t knock a patient for not being able to figure out how to start their own IV or ask an intelligent question! I didn’t even knock patients who didn’t know you don’t deliver a baby out of the same place you use the restroom with! This area has become incredibly complicated.
And, for Secret2008 – you are simply displaying characteristics of a predator, nothing to be proud of. How would you feel if I, as a RN, took advantage of your ignorance and had you go through a procedure you didn’t have to? Or, make fun of you for not knowing everything I do? We all have gifts that we are given – whether it is intellect or compassion, etc…and if we all did what you are doing (taking advantage of people who are ignorant – not the same thing as stupid ), then it would be a mighty sad thing.
@Locutus: See my reply to Mike, as I also included you….
The Google mobile could only capture a few seconds worth of data on its drive-by mission. Theoretical, the wi-fi range should start and terminate in about 10 seconds at 10 mph. Even if an active connection was transferring data and this camera contraption Google car did a slow drive-by, that still doesn’t seem to be enough time to grab a sufficient amount of data. On the other hand, I imagine they could mark the address and then sell it to a three letter government agencies to come back and finish the job.