Posted on 09/12/2013 6:56:30 PM PDT by MeshugeMikey
If a recently leaked document is any indication, the US National Security Agency -- or its UK counterpart -- appears to have put on a Google suit to gather intelligence.
CNET got a "no comment" from the NSA in response to our request for more information.
(Excerpt) Read more at news.cnet.com ...
The toothpaste is out of the tube.....period.
Remember when Google wanted you to login so they could track your searches and gave you a free email account. Turns out it wasn’t Google after all.
Remember when Google wanted you to login so they could track your searches and gave you a free email account. Turns out it wasn’t Google after all.
More exceptionalism.
comrade putin warned us about this....
Doesn’t surprise me AT ALL.
“Don’t be evil” —WHAT A FREAKING JOKE....!
You know?
I *USED TO* respect the NSA (sort of).
“Remember when Google wanted you to login so they could track your searches and gave you a free email account. Turns out it wasnt Google after all.”
It is worse then that, the van that drives around to create Google street views was collecting email addresses and passwords and other information from PC’s, a judge has just allowed a law suit to move forward due to this being leaked...
The NSA has “Goo Goo Googley” Eyes??
Nut-job Conspiracy Theory Ping!
To get onto The Nut-job Conspiracy Theory Ping List you must threaten to report me to the Mods if I don't add you to the list...
If anyone monitoring an SSL connection has the private key for the SSL certificate, they can use it to decrypt the conversation. How they get the private key is a separate discussion, but it's not difficult to imagine Google turning it over in response to a court order.
An exception: if the SSL connection uses the Diffie-Hellman key exchange, there's no known "man in the middle" attack. But, it requires both the client and the server to agree to use that key exchange algorithm.
Sorry, that's not what Google was doing. They were mapping the location of WiFi hotspots, and inadvertently saved the entire packet instead of just the MAC address. The only way they would have captured anything important was if the WiFi hotspot wasn't encrypted, and the data connection wasn't encrypted with SSL.
Google screwed up, and admitted it when they realized it. You don't need to resort to hyperbole.
Well, I guess those of us who have been saying this for years aren’t crazy after all. Last night the NYC Police Commissioner said cameras are all over New York. Did “Finch” from Person of Interest have them installed?
btw my real name is not meshuge mikey,....but lets not let google in on this...
just gets weirder and weirder
> Sorry, that's not what Google was doing. They were mapping the location of WiFi hotspots, and inadvertently saved the entire packet instead of just the MAC address. The only way they would have captured anything important was if the WiFi hotspot wasn't encrypted, and the data connection wasn't encrypted with SSL.
Not so fast.
1. Most residential WiFi hotspots and many public ones weren't encrypted back then, and many still aren't. AES WPA-2 is still a relative rarity, though it's catching on.
2. The vast majority of HTTP connections weren't encrypted with SSL (i.e. HTTPS) with the exception of banks and online purchasing. Now, more are -- virtually all banks and most stores, and many regular websites. But sadly, most regular websites are still not encrypted, and many stores still prompt for passwords in the clear (HTTP), which is so stupid that it ought to be criminal.
I wish what you said was true, but unfortunately, it's still a long way from true in general. It's getting better, but going from "egregiously bad" to "barely acceptable" is not the kind of improvement we need.
Besides, it's been revealed that HTTPS/SSL is cracked by the NSA.
Personally, I encrypt anything I want to keep private with a 2048-bit PGP private key, and all my wireless spots that can possibly be accessed by anyone else are encrypted with AES WPA-2 and a strong passphrase.
And I'm getting prepared to migrate my PGP private key to 4096-bit because I want it to be good for another 5 years if possible.
{comment deleted by NSA}
At least they haven’t disguised themselves as the FreeRepublic yet......... have they ?
The list, Ping
Let me know if you would like to be on or off the ping list
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.