Los Angeles is considering a multimillion-dollar plan to adopt Google's cloud services, but in the aftermath of a hacker accessing Twitter's internal docs based on weak passwords on Google Docs, some city leaders are getting cold feet, AP reports.
Paul Weber, president of the Los Angeles Police Protective League, said the move increases the security risk.
"Any time you go to a Web-based system, that puts you just a little further out than you were before," he said. "Drug cartels would pay any sum of money to be aware of our progress on investigations."
City Councilman Tony Cardenas said Google will need to address concerns but fears can't justify IT that stays stuck in the past.
"While legitimate concerns have been raised by LAPD (Police Department) and the City Attorney's Office because of the nature of their work, we must find a solution that meets everyone's needs," Cardenas said in a statement. "We can't say we are a first-class city and keep the same antiquated communication systems."
Google said its services are "extremely reliable, safe and secure."
Indeed, Twitter pointed out that the break-in was solely due to weak password protection of their Google Docs. But "security" that can be undercut by a user's password choice is a funny sort of security. As The Register notes:
Hacker Croll didn't exploit any software vulnerabilities. He exploited stupidity. To crack this personal e-mail account, all he had to do was answer a security question. ... The major sell of web applications is that you can do your work from any computer that has internet access. Conveniently, anybody who knows your password can also have a field day reading your s--t from any computer that has internet access.