You are here

Cybersecurity

My Network World Interview on Google's Privacy & Security

My Network World interview with Ms. Smith, the Privacy and Security Fanatic, about: Search & Destroy Why you can't Trust Google, is here. The link to my book site is here.

Announcing My New Book: Search & Destroy Why You Can't Trust Google Inc.

I've long thought there was a big untold story about Google, essentially a book all about Google, but told from a user's perspective, rather than the well-worn path of Google books told largely from Google's own paternal perspective.

 

 

 

Given that Google is the most ubiquitous, powerful and disruptive company in the world, it seemed logical to me that users, and people affected by Google, had a lot of important and fundamental questions about Google that no book had ever tried to answer in a straightforward and well-defended manner.

Google's Anti-Management Bias Problem

In a remarkable admission for a senior public company executive, Google Chairman and longtime former CEO Eric Schmidt told Gigaom: "At Google, we give the impression of not managing the company, because we don't really. It sort of has its own borg-like quality if you will. It sort of just moves forward."

If the executives ultimately responsible for "managing the company" to ensure it proactively respects users' privacy, vigilantly guards against security and data breaches or property infringement, is not really "managing the company," it now makes sense why Google has so many privacy scandals, and security and property infringement problems.

Generally protecting privacy, security and property rights are not engineering goals unless company management and managers have internal control and management focus, systems, processes, and procedures to ensure they are a priority to engineering teams.

Google's lack of interest in management execution is evident in Google's:

 

Google WiSpy II & Privacy Scandal #11 vs. Apple's Respect for Privacy

The current media and Congressional interest in the new revelation that Google and Apple have collected WiFi location information has largely missed an exceptionally salient point -- Google and Apple have very different privacy track records stemming from their very different attitudes toward privacy.

Google Privacy Scandal #11:

DOJ: Google Misrepresents Govt. Security Certification -- Google's Federal Rap Sheet Grows

Google's ignominious Federal rap sheet only grows longer.

 

  • Friday the DOJ effectively charged Google with misrepresentation to the public.
    • Google represented that its cloud service for Government was certified under the Federal Information Security Management Act (FISMA) since last July, when in fact it was not FISMA-certified for the product that Google claimed it was.
  • This latest Google misrepresentation revelation came in a DOJ filing to the Federal Court which is hearing Google's case against the Department of Interior of the U.S. Government:
    • "On December 16, 2010, counsel for the Government learned that, notwithstanding Google's representations to the public at large, its counsel, the GAO and this court... Google does not have FISMA certification for Google Apps for Government."

 

I.   What does this mean?

Key Questions for Google's New CEO Larry Page

When the world's most powerful company gets a new CEO for the first time in a decade, everyone naturally has a lot of questions.

 

  • When new Google CEO Larry Page decides to become accessible to people outside the insular Googleplex, here are some key questions to ask Mr. Page about: priorities, management philosophy, privacy, antitrust, intellectual property, and social responsibility.

 

 

Priorities:

Google's No Privacy by Design Business Model

Popular bipartisan interest in safeguarding consumers privacy in the U.S. and Europe confronts Google with a core strategic problem because Google's targeted advertising business model is no "privacy by design" and no "privacy by default."

 

  • Google bet wrong and big in assuming that since technology made it so much easier to track and profile users for targeted advertising, users would just accept the new loss of privacy and users and governments would never enforce user demand for choice to protect their privacy.
  • Google's all-in company bet on openness, transparency, and sharing, was also a strategic bet against robust privacy, security, and property protections.
  • In choosing to brand itself as the penultimate "White Hat" player promoting "openness," Google has effectively designed its business, architecture, and brand to be the main "Black Hat" player on privacy.

 

Google's No Privacy By Design model is unique.

 

Google's Deep Aversion to Permission -- "Security is Google's Achilles Heel" -- Part XI

Google's deep aversion to securing the permission of others before doing something that affects them is central to Google's famed "innovation without permission" ethos. Sadly, it is also the wellspring of Google's infamous privacy and security problems.

Where does Google's deep aversion to permission come from? From Google's founders, Larry Page and Sergey Brin, according to their mentor Terry Winograd, in Ken Auletta's book "Googled."

  • "Winograd describes his former students as impatient: 'Larry and Sergey believe if you try and get everybody on board, it will prevent things from happening. If you just do it, others will come around to realize they were attached to the old ways that were not as good.' The attitude, he said 'is a form of arrogance.'"

 

This week we witnessed the latest high profile example of Google's deep aversion to getting the permission of others.

A few days ago, Google announced that it remotely disabled malware-infected Android applications without the permission of 260,000 Android users who bought or downloaded infected applications from Google's app store.

 

Google Sides with Wikileaks

It is stunning that Google's decision to side with Julian Assange's Wikileaks and make all the stolen secret, private and proprietary Wikileaks information universally accessible to the world via Google search, has gotten virtually no media attention, given the:

 

  • International carnage and controversy caused by Wikileaks reprehensible actions;
  • Media's broad coverage of Wikileaks;
  • Google's serial disrespect for others as evidenced by its serial privacy, IP, cybersecurity, and antitrust problems around the world that have been broadly covered by the media; and
  • Google is the world's leading source for accessing Wikileaks secret, private and proprietary information.

 

When Google's Acting CEO Eric Schmidt told the DLD media conference in Munich (as reported by Reuters):

 

Why FCC's Net Regs Need Administration/Congressional Regulatory Review

To promote "America's free market," President Obama today ordered a government-wide review of regulations that "make our economy less competitive," in order to take us "toward a 21st century regulatory system."

Here is the case for why the FCC's December Open Internet order deserves to be atop of the Administration's regulations to review for abolition.

 

 

First, the FCC's new Internet regulations violate the President's goal of a "21st century regulatory system" by applying "outdated" 19th century common carrier regulatory thinking and approaches to the previously un-regulated, and flourishing 21st century Internet. (Para 68)

Second, the FCC rules violate the President's goal of avoiding "excessive, inconsistent, and redundant regulation."

 

Pages

Q&A One Pager Debunking Net Neutrality Myths