2013 11 06 FRB Google Security Engineers Take To Plus To Blast NSA – Forbes
Google Security Engineers Take To Plus To Blast NSA
The smiley that got under many a Google engineer’s skin
Google’s official response to a Washington Post report last month that the NSA was taking advantage of links in its and Yahoo’s data centers where data traveled unencrypted to intercept that data was one of tempered anger. “We are outraged at the lengths to which the government seems to have gone to intercept data from our private fiber networks, and it underscores the need for urgent reform,” Google’s chief legal officer David Drummond told the Post. Along with Facebook, Apple, Yahoo, Microsoft and AOL, it wrote an incensed but polite letter to Congress asking that the NSA be reigned in. But on Google +, its social network, its security engineers are less restrained in voicing their anger about the infiltration of their data.
Linking to the Post report, and noting that he was voicing his views not those of his employer — even if writing them publicly on his employer’s social network — Mountain View-based Google security engineer Brandon Downey wrote, “F*** these guys.” After describing some of his efforts to keep Google users safe and their data secure, along with a few Lord of the Ring references, Downey concludes, “The US has to be better than this.” Google security engineer Mike Hearn, who is based in Switzerland, followed suit, linking to a newer report from the Post with a Powerpoint slide confirming NSA’s access to internal Yahoo and Google cloud data. Hearn recognized a packet capture as coming from a project he worked on.
Issuing the same disclaimer about not speaking on behalf of Google, Hearn joined Downey “in issuing a giant F*** You to the people who made these slides,” though he threw in British intelligence agency GCHQ for good measure because he is “a Brit.”
“We designed this system to keep criminals out,” writes Hearn. “There’s no ambiguity here. The warrant system with skeptical judges, paths for appeal, and rules of evidence was built from centuries of hard won experience. When it works, it represents as good a balance as we’ve got between the need to restrain the state and the need to keep crime in check. Bypassing that system is illegal for a good reason.”
Hearn notes that Google has now encrypted the data that travels through these channels, meaning that the work intelligence agencies did to intercept it is now “ruined.” “Nobody at GCHQ or the NSA will ever stand before a judge and answer for this industrial-scale subversion of the judicial process,” writes Hearn. “In the absence of working law enforcement, we therefore do what internet engineers have always done – build more secure software.”
The NSA previously stated in response to the Washington Post report that it “conducts all of its activities in accordance with applicable laws, regulations, and policies—and assertions to the contrary do a grave disservice to the nation, its allies and partners, and the men and women who make up the National Security Agency.”
Engineers at Google are not the only ones going off on the NSA. Chairman Eric Schmidt told the Wall Street Journal that the NSA is “violat[ing] the privacy of every single citizen of America” in order to find a few evil people.
Tech commentator Dan Gillmor called that criticism “hollow” though, given Schmidt’s past comments on privacy in defending Google’s mass accumulation of people’s data. Notably in 2009, Schmidt said, “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.”