I'm glad you posted the google-watch links, that's very interesting information. I am concerned by the popular belief that IP addresses somehow identify a single computer, however!!! In many cases, a single IP address is shared (say, via NAT) by dozens or even hundreds of computers. It can also be spoofed. I do understand that in certain instances it can be used to establish legal (ie, criminal) identifiability, though I do find this troubling. This bit, from the krane.html, bothered me in particular:
"The fact that you record unique cookie ID, plus IP number, plus date and time, makes much of your information "identifiable." Authorities can also do a "sneak and peek" search of a Google user's hard drive when he isn't home, retrieve a Google cookie ID, and then get a keyword search history from you for this ID." Are they really suggesting that authorities will physically enter, JUST to get a google cookie ID off a user's hard drive, and then return to google to find out what that user has been searching for?? If they go to the trouble of physically searching the hard drive, why would the cookie ID be more useful than all the other data there?! Or are they suggesting that they remotely access a user's hard drive? Yeah, right -- that's the M$ NSAKEY backdoor, right. Just like John Perry Barlow reiterated in his recent motherjones interview [1], the TIA [2] project mostly offers LOADS more haystacks, and not many needles. I would personally suspect that anyone with something to hide, something valuable anyway, would take efforts to cover their backs. Look at how hard it has been to unravel the Enron and other accounting scandals! There are plenty of web-anonymizing services, and clever uses of proxies, etc, to allow for instance dedicated information specialists in communist regimes to freely access otherwise-blocked information (thanks in part to CDC [3] and other "hactivists"), that methinks only the dumbest criminals would be convicted based on google's secret data. So yes, I agree that it is futile for google to abuse the general user's privacy to this extent. As far as google seeking a deployment engineer with gov't security clearance, that makes sense to me!! I know a lot of organizations deploy google on their LANs [4], and I'd assume that some of them indeed need someone with clearance to simply be able to walk in their doors, and do anything at all on their network (based on their IT/security policies)... this does not simply imply federal/military ops, but also the whole slew of privately-owned contracting businesses that work indirectly for said ops... again, this is not limited to military, either -- keep guessing. I don't see anything inherently evil in those policies, although it certainly makes it difficult to public AUDIT those organizations and operations! For those of us here, who fall into the category of "freedom zealot", please remember that secrets are still important in a free world!! The freedom of secrecy must be respected, even if you don't agree with others' motivations. ciao. Ben B On Tue, 2003-02-04 at 17:32, Horst wrote: > And to add another aspect... > > Maybe your privacy is less threatened by individuals such as the one > attempting step (1)-(4) than BigBrother himself: > See quote below from http://www.google-watch.org/krane.html > They ask some reasonable questions: > - Why does google need a cookie that doesn't expires before 2038? > - Why logging the originating IP (i.e. if you just throw your cookies > away while having a (semi)static IP, an 'unusual' OS plus browser, still > makes you a pretty unique client) > > And on http://www.google-watch.org/jobad.html > - Why does google want to hire a Deployment Engineer (with security > clearance): "Must have current government top security clearance (TS/SI)." > > "Google currently does not allow outsiders to gain access to raw data > because of privacy concerns. Searches are logged by time of day, The question, then, is, "who are [already] the *insiders*?" = ) > originating I.P. address (information that can be used to link searches to > a specific computer), and the sites on which the user clicked. People tell > things to search engines that they would never talk about publicly -- > Viagra, pregnancy scares, fraud, face lifts. What is interesting in the > aggregate can seem an invasion of privacy if narrowed to an individual. > > "So, does Google ever get subpoenas for its information? 'Google does not > comment on the details of legal matters involving Google,' Mr. Brin > responded." -- New York Times, 28 November 2002" duh. Google has been making decisions since its stanford inception, to gain popularity. Don't think that they are *owned* by the public, tho! references: [1] http://www.motherjones.com/news/qa/2003/06/we_268_01.html also see http://yro.slashdot.org/article.pl?sid=03/02/04/0348221 [2] http://www.darpa.mil/iao/TIASystems.htm [3] http://cultdeadcow.com/ [4] http://www.google.com/unclesam * they might've needed clearance to set up this service, just to make sure that no classified info gets assimilated!! and here are some other interesting links: http://www.ncs.gov/ncs/html/library.html http://www.ncs.gov/informationportal/tools.html http://www.ncs.gov/informationportal/black_hats.html _______________________________________________ Eug-LUG mailing list [EMAIL PROTECTED] http://mailman.efn.org/cgi-bin/listinfo/eug-lug
