Profile

Cover photo
Paul Chambers
99,545 views
AboutPostsPhotosYouTube

Stream

Paul Chambers

Shared publicly  - 
 
 
The packet capture shown in these new NSA slides shows internal database replication traffic for the anti-hacking system I worked on for over two years. Specifically, it shows a database recording a user login as part of this system:

http://googleblog.blogspot.ch/2013/02/an-update-on-our-war-against-account.html

Recently +Brandon Downey, a colleague of mine on the Google security team, said (after the usual disclaimers about being personal opinions and not speaking for the firm which I repeat here) - "fuck these guys":

https://plus.google.com/108799184931623330498/posts/SfYy8xbDWGG

I now join him in issuing a giant Fuck You to the people who made these slides. I am not American, I am a Brit, but it's no different - GCHQ turns out to be even worse than the NSA.

We designed this system to keep criminals out. There's no ambiguity here. The warrant system with skeptical judges, paths for appeal, and rules of evidence was built from centuries of hard won experience. When it works, it represents as good a balance as we've got between the need to restrain the state and the need to keep crime in check. Bypassing that system is illegal for a good reason.

Unfortunately we live in a world where all too often, laws are for the little people. Nobody at GCHQ or the NSA will ever stand before a judge and answer for this industrial-scale subversion of the judicial process. In the absence of working law enforcement,  we therefore do what internet engineers have always done - build more secure software. The traffic shown in the slides below is now all encrypted and the work the NSA/GCHQ staff did on understanding it, ruined.

Thank you Edward Snowden. For me personally, this is the most interesting revelation all summer.
1
Add a comment...

Paul Chambers

Shared publicly  - 
 
Cows
1
Mike Bristow's profile photo
 
Moo moo moo. Etc.
Add a comment...

Paul Chambers

Shared publicly  - 
 
Watching +Matt Brittin get destroyed by the Public Accounts Committee. http://www.bbc.co.uk/democracylive/21006886 #google   #tax  
1
Add a comment...

Paul Chambers

Shared publicly  - 
 
Another photosphere
1
Michael Chambers's profile photo
 
spot the jellybeaner ;)
Add a comment...

Paul Chambers

Shared publicly  - 
 
Hey google, there are hardly any portals near me so how about you add Pubs as portals? Lots of them are historic buildings #ingress 
1
Mark Ynys-Mon's profile photoDmitri Smirnov's profile photoPaul Chambers's profile photoJason Hsu's profile photo
9 comments
 
I beg to disagree.
Add a comment...

Paul Chambers

Shared publicly  - 
 
 
This is the big story in tech today: 

http://www.washingtonpost.com/world/national-security/nsa-infiltrates-links-to-yahoo-google-data-centers-worldwide-snowden-documents-say/2013/10/30/e51d661e-4166-11e3-8b74-d89d714ca4dd_story.html 

*

I'm just going to post my thoughts on this. Standard disclaimer: They are my own thoughts, and not those of my employer.

*
Fuck these guys. 

I've spent the last ten years of my life trying to keep Google's users safe and secure from the many diverse threats Google faces.

I've seen armies of machines DOS-ing Google. I've seen worms DOS'ing Google to find vulnerabilities in other people's software. I've seen criminal gangs figure out malware. I've seen spyware masquerading as toolbars so thick it breaks computers because it interferes with the other spyware.

I've even seen oppressive governments use state sponsored hacking to target dissidents.

But even though we suspected this was happening, it still makes me terribly sad. It makes me sad because I believe in America. 

Not in that flag-waving bullshit we've-got-our-big-trucks-and-bigger-tanks sort of way, but in the way that you can looked a good friend who has a lot of flaws, but every time you meet him, you think, "That guy still has some good ideas going on".

But after spending all that time helping in my tiny way to protect Google -- one of the greatest things to arise from the internet -- seeing this, well, it's just a little like coming home from War with Sauron, destroying the One Ring, only to discover the NSA is on the front porch of the Shire chopping down the Party Tree and outsourcing all the hobbit farmers with half-orcs and whips. 

The US has to be better than this; but I guess in the interim, that security job is looking a lot more like a Sisyphus thing than ever. 

*

Also of note, this article from September may call some recent technical decisions into relief: 

http://articles.washingtonpost.com/2013-09-06/business/41831756_1_encryption-data-centers-intelligence-agencies

#nsa   #surveillancestate  
1
1
Matt Collins's profile photo
Add a comment...

Paul Chambers

Shared publicly  - 
2
Mo Chambers's profile photoIan C's profile photo
2 comments
 
Hi Bramble
Add a comment...

Paul Chambers

Shared publicly  - 
 
ooh shiny
1
Add a comment...

Paul Chambers

Shared publicly  - 
 
Bramble finds a pond
1
Matt Collins's profile photo
 
And legs. He looks tall!
Add a comment...

Paul Chambers

Shared publicly  - 
 
#ingress Has anyone had a portal submission accepted yet? Did you get notified about it?
1
Mia Hall's profile photoWill Hargrave's profile photoPaul Chambers's profile photo
3 comments
 
+Will Hargrave Hassle a googler as they seem to be the only people with any to give out :)
Add a comment...