Google's internal spy system was Chinese hacker target

Google's internal spy system was Chinese hacker target

Summary: New information indicates that Chinese hackers targeted Google's internal spy system which collects data on all its users.

SHARE:

Computerworld has a very interesting story about the Google/China flap.

Reporter Robert McMillan quotes an unnamed source:

...they [hackers] apparently were able to access a system used to help Google comply with search warrants by providing data on Google users, said a source familiar with the situation, who spoke on condition of anonymity because he was not authorized to speak with the press. "Right before Christmas, it was, 'Holy s***, this malware is accessing the internal intercept [systems],'" he said.

Google was already hosting a spy system that provided the Chinese government, and any other government with user data. They merely had to request that data through a warrant. That internal spy system became the weak spot in Google's security technology.

But why would the Chinese government try to hack into a system that was already providing it with user data?!

Clearly, the Chinese government was looking at collecting data on all other Google users, not just human rights activists. China was trying to spy on us all! And Google's internal spy system compromised all its users.

This reveals that Google collects information about all of its users all of the time and in a format that enables it to easily had it over to any government agency that orders a search warrant. This is an embarrasing revelation. What's worse is that Google is using the pretext of human rights to hit back at China, when it was a vulnerability in its internal spying system that potentially compromised all Google users, not just human rights activists.

Topics: Government US, Google, Government, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

86 comments
Log in or register to join the discussion
  • Don't use gmail!

    That's the better way avoiding Orwellian spies!
    whitenight2010
    • Correction..

      ..don't use any service provided by anyone, unless
      you are okay with the fact that the government
      can, at any time, have them fork over your data.
      This should be common sense by now. If it's
      sensitive, encrypt it.
      AzuMao
      • encrypt it??

        You don't think the Gov't has the master encryption keys to every program on the market/after market? before the programs are ever put on store shelves or on-line stores?
        jasonemmg
        • Ya..

          ..I doubt they'll crack AES any time soon. Not
          with full rounds anyways. And why would you use a
          commercial encryption program? All the good
          algorithms are public domain. Not on store shelves
          or in on-line stores.
          AzuMao
      • If it's sensitive, encrypt it.

        If it's sensitive, don't write it. If it is written, it is saved somewhere. Government, organized crime, competitors, hackers....

        If it is something you do not want published,
        do not write it.

        The Rosetta stone was not just the key to translating ancient language. It is a reminder that what you write down, persists. Maybe forever.

        Paranoid maybe, but think before you write.
        rj_wilson
        • Saved somewhere, yes..

          ..the question is, can anyone else recover it? If
          not, that's safe enough for me.
          AzuMao
  • RE: Google's internal spy system was Chinese hacker target

    LOL! Google caught red handed spying on users and their data. Glad I gave up the goog a long time ago.
    Loverock Davidson
    • Be sure to also..

      ..give up all ISPs, and all services hosted on the
      web, since they all have no choice but to give up
      your data when the government comes knocking.
      That's why you should encrypt it if you want it to
      stay secret.
      AzuMao
  • Wow, Just Wow. So goog spy's on its users

    all the time just waiting for a search warrant. Of course they never would use any of that info to the detriment of the user for their benefit. Yeah right.
    Trust Google with your info? I think not!!
    AboveAverageJoe
    • Ya..

      ..just like all other online services are required to, by law.



      edit:
      Unless they're hosted in some third world country, I guess.
      AzuMao
    • aboveaverage doesn't include grammar, huh?

      Hey smart guy, it should be "goog spys on". I suppose it is only marginally aboveaverage.
      That One Smartass Guy
      • Did you mean: spies?

        Results for: [b]spys[/b]

        SPY OPTIC SUNGLASSES AND SNOW GOOGLES
        Offering sunglasses, shirts and goggles for
        extreme sport applications.

        Amazon.com: The Spy's Guide: Office Espionage
        (9781931686600 ...
        Amazon.com: The Spy's Guide: Office Espionage
        (9781931686600): Duane Swierczynski, H Keith
        Melton, Craig Piligian, Retired KGB Major
        General Oleg Kalugin, ...
        AzuMao
  • i was wondering how they were so sure it was china. HAHA

    Internally hacked via an affiliate link. Got what you deserve google.

    Rather sad... sometimes companies get to big before they mature.
    Been_Done_Before
    • Me too...

      How in the world do they know that it was a Chinese Govt sponsored hacking attempt? Just because Google thinks so doesn't make it true.

      It wouldn't surprise me at all if this turned out to be a "false flag" operation to pin the attack on the Chinese Govt. First, the Chinese aren't dumb enough to break into Google only to look for human rights activists when that action alone is a dead giveaway. Second, the fact that they could do it easily via a warrant doesn't make sense at all... like Tom said. Third, if indeed that was the motive of the Chinese Govt, why on earth would they break into Adobe? Are they storing information on human rights activists as well?

      Something smells fishy. I think somebody is doing something behind the scenes to give Google the excuse to not censor search results in China (which apparently is Google's motive from the beginning).
      ckl_88
    • Owned by a link HAHA.

      HAHA that makes sense, because <a href=http://doom3.zoy.org>links</a> can totally hack you up, right?
      AzuMao
  • RE: Google's internal spy system was Chinese hacker target

    "Clearly, the Chinese government was looking at collecting data on all other Google users, not just human rights activists."? Paranoid much?
    only1pj
    • Clearly not.

      He said it's serious business, so don't you
      [i]dare[/i] take off that tin-foil hat, ya hear?
      AzuMao
  • Tom: It is a governmental compliance issue re the Patriot Act

    Effectively our government will routinely place requests (warrants) without Court orders to track any individual's on-line habits.

    It's not just Google Folks.

    There are no checks and balances because of the Patriot Act.

    The incident only confirms that compliance systems are in fact common-place because if ordered, they have to hand over information when called upon to do so.

    Come on now. Is anyone really surprised that monitors are in place? Horrors! :(

    P.S.
    Some things for the Windows 7 Crowd to contemplate:

    Does Windows 7 include a 'back door' for Patriot Act compliancy?

    Does Windows 7 include a 'black box' for recording all of your activities forensically?

    The truth of the matter is if you insist on running an Operating System that is a closed proprietary system, you default to losing your innate right to have those questions answered forthwith. You have no <a href="http://www.fsf.org/">FOSS transparency</a>.

    I am confident that the answer to both of those questions is a 'NO' for Linux.

    See the <a href="http://www.gnu.org/philosophy/free-sw.html">Free software definition</a> for details of what you are missing with Microsoft Windows 7.
    D T Schmitz
    • Do not appologize for Google.

      Instead show us where in the Patriot Act it is poited out that this is required of Google.

      Until then, it appears that you are just an apologist for them.
      GuidingLight
      • Patriot Act, Title II, Surveillance Procedures

        http://en.wikipedia.org/wiki/USA_PATRIOT_Act#Title_II:_Surveillance_procedures

        Internal use only data audit trails weren't meant for external use.

        Patriot Act requires compliance in furnishing reports if as and when requested, all at short notice and without any Court order.

        Google doesn't come to compliance as a 'willing concern'. They have no choice but to comply with the law as it currently stands in the U.S.

        At one point the Patriot Act was to be sunsetted in 2005, but that has fallen to the way side.
        D T Schmitz