I enjoy watching how much exposure Google fanboys give Microsoft's Scroogled campaign by resharing the videos just to whine about them. Not sure they realize that's how marketing works.
16 plus ones
Shared publicly•View activity
View 20 previous comments
- If it was an opt-in service, millions of Google fans would opt-in. But if we let Google launch this as it's been announced so far, we've already lost. I'm sure it won't take long for some enterprising miscreant to figure out how to farm the data from it.Nov 27, 2013
- It's important to understand the diversionary tactics that MS is using these days. That is indeed why I noted their new Scroogled antic but did not link to it. // MS appears to be the last of the majors to the ball game when it comes to encrypting inter-datacenter links. That said, the surveillance in question has taken place largely overseas, which introduces some logistical complications, and at the scale of these datacenters such encryption is anything but trivial along any number of vectors. Anyway, we know that every country with the technology to grab what they can from circuits that terminate or transit their countries will do so to the maximal extent of their domestic laws, so pervasive encryption makes sense. // Re the Android "Caller ID" controversy. First, at least as I understand it, it's not really a caller-ID at all in the normal sense of the way most people understand caller ID -- as a service to reveal the number of the party calling you -- thus allowing you (in theory at least) to call them back. That's apparently not what Android is doing. Nor is opt-in necessarily a panacea for such situations. I do agree that many users may have forgotten or not fully understood the connections between their phone number and advanced comm systems like this, and I personally feel it would be useful if users were presented with an initial dialogue that reminded them of their current settings and an explanation of what they meant. As long as users are well informed about what their settings are, what their options are, and how they work, the chance of misunderstandings is kept low. We'll see what happens in the fullness of time!Nov 27, 2013
- Some of the encryption concern most certainly comes from expectation management. If you'd asked me a year ago how I figured Google ensured my data was secure between data centers, I would've told you I assumed it was encrypted really freaking well. I bet you'd get similar answers from most other people asked. We assumed Google would've done it. Google's constant assurances they take every precaution with data security should cover things like encryption by default.
There's a small number of people automatically opted out, but only because they recently opted out of something else, and are hence likely to know about this anyhow.
I don't feel Google can pretend to care about users having control of their data if Google practices default opt-in on new uses of their data, especially uses that reveal their data to others. Not just a notification, but requiring they take a clear action to opt in.Nov 27, 2013
- Hence why I didn't share the video or even a link to it.Nov 27, 2013
- "KitKat's new dialer, with the features they're slating to add in 2013. Using phone numbers people provided to them for identity verification purposes only, and opting them in automatically to be handed out to any 4.4-powered Android phone which requests it."
That feature/setting doesn't auto-propagate from the accounts security phone number, it's a separate setting altogether (https://www.google.com/settings/phone) which is blank up until you go out of your way to confirm your number in the Hangouts app.
Technically it was opt in since the dialog in Hangouts explicitly said it was for enabling reverse look up in Hangouts/across other Google services from the very beginning.Nov 27, 2013
- Conventional phone calls aren't encrypted between telco facilities, either. The underlying problem is that most assumptions about the security of leased or owned long haul circuits for U.S. services are based on the assumption of those circuits being in the U.S., where U.S. laws addressing those circuits apply. NSA (and Western counterparts) have long existed in a space where domestic communications by their own nationals receive a much higher degree of protection than foreign communications involving non-nationals. As I said, this goes back to telephony and telegraphy. (There are of course countries where domestic political telecom surveillance is pervasive, such as China and Russia to name just two.)
What complicated this dynamic is the rise of services that intermingle foreign and domestic communications and users, both through non-domestic datacenters and other ways. If you look at the overwhelming number of cases that relate to NSA, for example, you see that they were almost always targeting foreign comms
-just as they always have, just as their counterparts do, and as Congress has long authorized -but found it difficult (or a hassle) to properly minimize in all cases (even at that, the bulk of the issues with telco metadata were technical due to roaming phones going in and out of the U.S., causing their status to keep changing).
So NSA, et al, say, look, Congress (or our King, or our Parliament, or whatever in any given country) orders us to monitor foreign communications, just as we've always done. But now foreign communications is intermingled with domestic comms like never before. How do we fulfill our mandate?
One way they try to do that is monitor everything they can where foreign comms may be present, and try filter out the domestic stuff. And if such comms are opportunistically available they consider it to be dereliction of duty not to do so.
Don't like this state of affairs? Yeah, neither do I. But there's not going to be unilateral disarmament on this score by anyone, and a global verifiable agreement seems very unlikely.
So the best we can really do now, given the new realities of conflated comms, is to apply opportunistic encryption wherever we can, as it becomes practicable. Not to make targeted comms surveillance impossible, but rather to discourage mass comm surveillance (which tends to involve mostly innocent parties) by making it as expensive and time-consuming to perform as possible.Nov 27, 2013