Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

brilliant -- Re: Google Dreams Big

From: David Farber <dave () farber net>
Date: Mon, 06 Mar 2006 16:35:09 -0500


-------- Original Message --------
Subject: brilliant -- Re: [IP] Google Dreams Big
Date: Mon, 06 Mar 2006 13:26:45 -0800
From: Ed Gerck <egerck () safevote com>
To: dave () farber net
CC: ip () v2 listbox com
References: <440B49BE.1010606 () farber net>

Dave: Hi! For IP if you wish.


-------- Original Message --------
Subject: Google Dreams Big
Date: Sun, 05 Mar 2006 15:10:13 -0500
From: Randall <rvh40 () insightbb com>

 ...

An important implication of this
theme is that we can make your online copy more secure than it
would be on your own machine.

 ...

Another important implication of this theme is that storing 100%
of a user's data makes each piece of data more valuable 


Google likes to throw ideas out there, to use the market as their
computing device for what works. However, by the reasons (*) listed below
(or just by #7 and their ongoing fight against a DoJ subpoena), google
already knows that this one will not fly.

Why do this, then? They might be just trying to raise market awareness
for the problems of such approach. Even though Microsoft already had to
pull the plug on a very similar program (google "hailstorm microsoft"),
Microsoft is still in an ideal situation to try it again and better.
Which (given users' notorious naivete') would kill a large market segment
for google's search -- namely, every Internet user. Of course, google's
search appliance for enterprises (and later, a more affordable gadget
for the masses) would not have these problems...

Brilliant preventive move by google, it seems, as it looks for options
-- and time -- to better place its technology.

Cheers,
Ed Gerck

(*) What google proposes is a direct contradiction, for several reasons:

(1) Because you *still* have your local copy, the online copy becomes
an _additional_ risk. Risk MUST increase with the added online  copy.

(2) Even if the online copy is encrypted (best case) with a key that
google does NOT have, the file may still be attacked and decrypted by
a variety of methods -- some of them not even cryptographically or
computationally limited.

(3) Losing physical control of your data (by placing a copy under
google's control) cannot be recalled. It's a final revocation of
your sole control rights.

(4) Creates a single point of failure.

(5) The more valuable your data becomes, it also becomes a more valuable
target.

(6) Goes agains usual confidentiality principles, including "need to know"
and "least privilege".

(7) Either contradicts legal requirements for confidentiality or makes
google
legally liable for safekeeping everyone's data against any disclosure risk
(including disclosure that is legally mandated, which is always a risk to
comply because any order can be potentially disputable).

-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: