Tuesday, June 1, 2010

Google's Wi-Fi Gaffe

As Google prepares to defend itself against allegations of Wi-Fi spying, it has said very little about exactly what kind of personal data it gathered as part of its Street View project.

Last week, Google also declined to provide executives willing to speak on the record about how one of the most monumental oversights in its history occurred: the inadvertent gathering of 'payload' data by Wi-Fi sniffers mapping hotspots while recording street scenes for Google Street View.

Google admitted on May 14 that it had been "mistakenly collecting samples of payload data from open (i.e. non-password-protected) Wi-Fi networks" for three years. Payload data is distinct from a "header," which contains mostly benign information about the network itself: The payload is the actual data that is being transmitted over the network.

However, Google's store of personal data might not be quite the treasure trove it may seem. Data sent back and forth between encrypted Web sites (password logins, online banking, credit-card transactions, or anything with https:// in the URL) would not be collected. Mobile workers signed into VPNs would also not be affected.

In addition, it's not totally clear how much data Google would be able to capture with a Street View car moving at about 25 miles per hour along the streets of cities and towns around the world. Google said the data was "fragmented," implying that piecing together any coherent image from that data would be difficult.

No comments:

Directv-Dish Merger Fails

Directv’’s termination of its deal to merge with EchoStar, apparently because EchoStar bondholders did not approve, means EchoStar continue...