Guest post: Government Gmail use following Google's China news

Guest post: Government Gmail use following Google's China news

Summary: Paul Strassman outlines some of the technical issues raised for government agencies using Gmail in light of the China cyberattack on Google.


Paul Strassmann is a Distinguished Professor of Information Sciences at George Mason University's Center for Secure Information Systems. He's also a long-time technology executive in the private sector and government. In 2002, he served as acting CIO of NASA. Here's his take on the Google-China showdown and some of the technical issues the incident raises.

Updated: A Google spokesman responds with the following: The premise of Mr. Strassmann's post is without merit:  There's no need to withdraw servers that store Gmail information from China because there aren't any there.

Federal Chief Information Officer Vivek Kundra has been a consistent advocate of increasing the government's use of commercially available technologies, such as Gmail. In fact, as the District of Columbia's chief technology officer, Kundra implemented Google Apps, including Gmail, for all District employees.

A number of Department of Defense (DoD) organizations are already using Gmail. Meanwhile, Google has made secure Gmail the default choice in light of the cyberattack the company detailed on Tuesday.

Related: Google’s showdown with China: Does it make sense? · Google threatens China pullout after cyberattack · Adobe confirms ’sophisticated, coordinated’ breach · Bravo! Google takes a stand for human rights in China · The Google escalation and open source · Google on the defensive and vulnerable

Since there are DoD organizations that have already advocated the adoption of Gmail, the following advisory is offered.

The most probable, and easiest way, would be for Chinese agents with physical access to Google servers to insert physical wiretaps. A modified version of a Cisco switch with an extra optic fiber leading off to the police would be easy to hide.  It would be reasonable to assume that Google does not encrypt traffic sent between machines in the same subnet (i.e. in the same physical cabinet).

Once you can wiretap, you can eventually figure out how to distinguish Gmail traffic from other traffic, and reverse engineer how Gmail data is replicated across servers.

There is no defense against a hostile party with full physical access to your server room. That is why Google's only logical option is to withdraw all physical servers from China.

There are two Google data centers in China, almost surely co-hosted on shared facilities and not owned by Google. Similarly, there is a co-hosted facility in Russia. Unless a facility is owned and operated by Google it would be always suspect, and even then it would not qualify to operate DoD classified mail.

DoD should therefore not consider Gmail as a viable option because it cannot be trusted. Only a secure DoD Private Cloud, isolated from the Internet, can be seen as an acceptable option.

Ed note: Google said it doesn't have servers that hold Gmail data within China. Strassmann maintains his reservations about cloud applications within the DoD.

Topics: China, Browser, Cloud, Collaboration, Google, Government, Government US

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • DoD using Gmail?!?

    Is that not like placing a kwikset bathroom lock on the access doors to a missle silo?!?
    • If you have no physical control over a network ...

      ... you should consider yourself having no real control over the network, and that you are putting yourself at risk hosting sensitive information on the network. As far as I'm concerned, governments have no business hosting sensitive information on public clouds - no matter if vendors promise them the moon. Sensitive or private information belong in private networks or clouds, and public information may be hosted in public clouds.
      P. Douglas
      • I totally agree

        the odd part is, why was something like this even considered? Because Google are experts in this?

        I think not: It appears that they could not even protect their own information and code.
      • Only problem with your reasoning is that ALL email servers are connected to

        the public Internet. None are more "public" than
        the others, and there are very few companies that
        have the resources to do it better than Google.
        • Yes, but the DoD employs ...

          ... the use of certificates and encryption to secure emails. My point is that hosting email on-premise, decreases the surface area of security attacks - or at least gives you more control over your situation. Therefore if you can host your own email (or have service providers do it for you) using a private cloud on-premise, the better off you are. Remember, private clouds have most of the benefits of public clouds, but also has better security and other assurances, as well as benefits such as the ability to do customizations.
          P. Douglas
          • Private clouds have no such assurance of better security. There are few

            companies or government agencies that can do
            email safer than Google (or other large
            providers) let alone justify the cost of hosting
            their own email. You just can NOT match the
            ability of a large provider to have people 24x7,
            and all of the constant research into how email
            systems are being attacked.

            The difference in attack surface is negligible
            as the servers are all connected to the internet
            in any case.
          • I think the Government, and more so the Military

            have far far far more resources then Google does.

            Or do you think the Military only fights 9-5?

            By the way, this [i]is[/i] intersting -

          • Well, yes, the military could waste a lot of taxpayer money managing email

            servers for non critical thing. It would be
            extremely expensive to install servers at each
            location and manage them. They could do the same
            thing that Google is doing and centralize the
            servers, but, then they are just doing the same
            thing as Google, and have all the same
            vulnerabilities, AND, it would just end up costing
            more, a LOT MORE - which TAXPAYERS would be
          • Doesn't sound like experience talking

            As an email admin for a major financial institution that deals with security on a daily basis I can say for certain that yes there is a HUGE difference in attack surface between a public and private cloud. With a private cloud you can lock down access points, you can say "The only ip ranges allowed to connect to our cloud are", you can require the use of VPN to connect along side key generating devices so no one ever uses the same password from some minute to the next. You can't do that with Google's offerings, or any other cloud offerings.

            You also have the additional point of attack from within the public cloud itself. If someone at Google decides to get a little shady and look into what you have stored on your cloud or in your email they can and you have no knowledge unless Google happens to discover it. Basically you have no control over the processes, procedures, logging, and controls they have in place or background checking their employees. There is a HUGE difference between the two and the reason most regulated organizations are starting to bring more and more in house.
        • Real world mail servers....

          From small to large mail infrastructure I've seen, none/zero/nil have servers in the wild.
          All of them are protected by firewalls, some (=large corporations) have external and internal smtp servers, so that internal mail is not routed to the internet.
          External smtps are routinely brought down, patched and brought up. All external smtps are round-robin dns MX records, no downtime occurs.

      • DoD, and all US Government Offices, Self-Host

        All US Government Google 'Cloud' systems are self-hosted on protected networks with multi-layer security.

        Government is not always as foolish as MSNBC would lead us to believe.
      • Agree with you 100%

        No exceptions. None. Zilch. Nada.

        End of discussion !

        - Admin
    • Not exactly, for non critical activities, Google can do it a lot cheaper

      than the DoD, and probably better than the DoD
      could do it internally.

      For very critical communications, the DoD should
      not use email at all really.
  • Double, Triple Fails all around........

    This is an Obamanation through and through. I cannot believe our government is doing this and putting us all at risk. Probably the most targeted institution in the world is our government and they are playing games with gmail?

    Who the heck is this CIO because he is a joke. We really are becoming a laughing stock to the world and I can't wait until 2012 and this garbage of an administration will be gone. Makes the Bush admin look like the good guys. There has always been problems in government IT security and this one just ranks right up at the top of the fail list along with P2P being allowed on government systems.

    Stupid is as stupid does. Good work America for being foolish idiots.
    • Sending email on the public Internet is not acceptable for critical

      communications no matter WHO is managing the
      servers. But, for non-critical communications (of
      which there are many in the DoD) Google can do it
      better and cheaper than they could internally.

      Not every email contains nuclear secrets.
      • Its about.....

        Trust. Google is not ready for the onslaught but either is the government. Guess it really doesn't matter which unprepared organization takes the data. I don't think government employees are smart enough in many cases to not send private critical data in emails.
        • Yes, it IS about trust, and how much can a small company or government

          agency pay to have trustworthy people 24x7. Much
          better to use a large provider that CAN afford
          to trustworthy people 24x7, and also research
          groups constantly reviewing security and looking
          for any gaps.

          And, if you can not even trust the employees to
          use approved communication methods for critical
          information, you have a much bigger problem than
          the email provider!!!!!!!!
          • You can defend Google all you want

            to the point where it comes off a nothing but a tired old apology, but the question remains:

            Who watches the watchers?

            Prove to me that Google hasn't been hacked, and DoD emails intercepted and read.

            You can't.
          • This is not just about Google, it is about large email providers that have

            teams working 24x7 to keep the system secure. Yes,
            they can be hacked, that is not the question. The
            question is could you do it better yourself. There
            are very few companies big enough to hire the
            required professionals needed 24x7 to even have it
            at the same level of what a large provider can do.
  • Wow ... you sure got them all up in a tizzy with this.

    The simple answer is that all non-classified information is sent and exchanged on email, everything else is secured on local servers.

    I would be best if they didnt have internet access on the same machines that classified information was on... but thats just my opinion.