The Register® — Biting the hand that feeds IT

Feeds

Google's Wi-Fi sniff probe reveals 'criminal intent' - PI

'We paid them to say what?'

Agentless Backup is Not a Myth

An analysis of Google's Wi-Fi sniffing code, paid for by Google, suggests the company could find itself facing criminal charges, according to a privacy watchdog and pressure group.

Google's lawyers Perkins Coie paid computer forensics firm Stroz Friedberg to analyse the code used, presumably in order to defend itself against attacks from several privacy authorities in Europe and elsewhere.

Consultants from Stroz Friedberg analysed the source code for "gslite" - the program running while Google's Street View cars trundled along the street.

They found gslite - part of the gstumbler programme - was made up of 32 source code files and 12 extra files with config files and changelog information.

The software worked with Kismet - packet-sniffing software. gslite then parsed header information from any unsecured wireless network it passed. Kismet hopped channels five times per second in order to grab as many networks as possible.

The paper said that frames from encrypted networks were discarded by gslite. Unencrypted bodies were written straight to disc, but not parsed by the program.

Privacy International believe this represents criminal intent - data protection law does not normally allow the interception of communications in this way.

PI said: "This action by Google cannot be blamed on the alleged 'single engineer' who wrote the code. It goes to the heart of a systematic failure of management and of duty of care."

Gslite made no attempt to parse the body of any messages or file transfers, but it also collected numerical identifiers of kit attached to the network.

The program linked the information collected with GPS data from the car. The analysis notes that the GPS system provides geolocation data rather more slowly than network data so gslite corrects the difference between the two before storing the file.

PI's blog post is here, and it also has a link to the pdf report.

The "rogue engineer" theory was further undermined by Google's legal eagles' earlier moves to patent the network sniffing technology.

A Google spokesman said, "As we have said before, this was a mistake. The report today confirms that Google did indeed collect and store payload data from unencrypted WiFi networks, but not from networks that were encrypted. We are continuing to work with the relevant authorities to respond to their questions and concerns."®

What you need to know about cloud backup

Re: Perhaps Google should counter-sue

No, case not closed.

This is like a thief counter-suing, because a home owner left the doors unlocked before the robbery.

33
4

only storing packets worth mining

Of course they didn't store encrypted packets, the fscking car didn't hang around long enough to sniff enough data to decrypt it. These packets were useless for data mining, not storing them is an admission of intent, not an excuse for a mistake.

They need to stop digging and start properly apologising.

8
1

Stupid, yes

I'll gladly concede that users are stupid not to secure their networks. That does not allow Google to prey on their stupidity (well not by half-inching their data at least).

7
1

More from The Register

SCO vs. IBM battle resumes over ownership of Unix
Zombie lawsuit back and wants to suck the brains out of Linux
 breaking news
NSA whistleblower to tech firms, Obama: 'Grow a pair!'
Ed Snowden: Email tracking grabs 'IPs, raw data, content, headers, attachments, everything'
 breaking news
Ecuador: All right, Julian, you CAN stay on our sofa - it's your human right
Minister and Wikileaker share cosy chat in tiny London flat
Google flings another £1m at online child sex abuse vid CRACKDOWN
See, see, we're trying, ad giant tells Daily Mail UK.gov
 breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
 breaking news
US chief spook: Look, we only want to spy on 6.66 BEELLLION of you
Americans assured they are not in the NSA's sights
NSA: We COULD track you by your phone ... if we WANTED to
Honestly, too much work, can't be bothered