New Info: Chinese Hackers Targeted GOOG's Internal Spy System

By Tom Foremski - January 13, 2010

Computerworld has a very interesting story about the Google/China flap.

Reporter Robert McMillan quotes an unnamed source:

...they [hackers] apparently were able to access a system used to help Google comply with search warrants by providing data on Google users, said a source familiar with the situation, who spoke on condition of anonymity because he was not authorized to speak with the press. "Right before Christmas, it was, 'Holy s***, this malware is accessing the internal intercept [systems],'" he said.

Google was already hosting a spy system that could provide the Chinese government, and any other government with user data. They merely had to request that data through a search warrant. That internal spy system became the weak spot in Google's security technology.

But why would the Chinese government try to hack into a system that was already providing it with user data?!

Clearly, the Chinese government was looking at collecting data on all other Google users, not just human rights activists. China was trying to spy on us all!

And it was Google's internal spy system that compromised all its users.

Kimo Crossman, an SVW reader, makes an astute observation when he says that "wiretapping systems increase attack vectors."

Google's own spying system became the perfect system to hack because it was already collecting all usefull data.

Google's anger with China is understandable. But to use human rights as a pretext for pulling out when it was Google's own spy network that got it into trouble seems outrageous.

. . .

Please see: GOOG v China Highlights Security Risk Of Wiretapping Systems


« Analysis: GOOG China Pull Out Might Be An Extension Of Its 'Borderless' Korean Policy | Main | Rob Glaser: Pioneer Of Badware Leaves Real Networks »

                   

Posted to ChinaWatch

January 13, 2010 | Permalink | Comment | Subscribe to SVW

Comments (4)

Joel:

I'm sorry, but Google already has access to all (y)our data. Why do they need a special "spy" system to access what's already on their servers?

(also, your comment form is busted when not using preview)

Posted: January 13, 2010 9:28 PM

Tom Foremski Author Profile Page:

Google has access to the data but it needs to process that data to fulfill search warrants. It's 'internal intercept' system has done much of the hard work in collating huge amounts of user data. What a perfect target to hack.

Posted: January 13, 2010 11:23 PM

Cronan:

Tom,
Google has access to people's data. That's not spying. That's called managing an online email service. People know Google can access their data - that's the deal when you sign up. People did not agree to third parties accessing the data (without a search warrant) and neither did Google. That's a big difference.
Cronan

Posted: January 14, 2010 8:06 AM

Tom Foremski Author Profile Page:

Cronan: Google's 'internal intercept' system is specifically designed to collect user data that is handed over for search warrants. It's not user data used to improve the Gmail experience but to enable police authorities to investigate criminal activities. It's a spy system -- the users aren't told about it.

Posted: January 14, 2010 10:53 AM

Post a comment

- New! SVW Webcast Channel - Interviews With Top Executives - Free Registration.

Tom Foremski #28 on San Francisco - Silicon Valley Top 50 Most Influential
PR Week: Tom Foremski - top journalists you should know!
Tibbr_Flash_300x250_v3.jpg
 Bacon's names Silicon Valley Watcher one of the most influential blogs in the US.
In CNET's Top 100
blog100 149x46.jpg
Best Bay Area Blog
SF Publicity Club's ninth annual awards celebrating excellence in media.

Categories

Tag cloud