Pissed Off Google Security Guys Issue FU To NSA, Announce Data Center Traffic Now Encrypted

from the keep-at-it dept

So far, one of the biggest stories of the Snowden NSA leaks, by far, is the revelation that the NSA was infiltrating the private data links between Google and Yahoo data centers (and, it seems likely, other companies as well). Google had clearly suspected this, as it had been reported earlier that they were scrambling to encrypt those data links. As you may recall, the original Washington Post article also noted that two Google engineers who were shown the NSA's slides "exploded in profanity" and anger at the NSA.

It would appear that this sentiment is pretty common across Google's security team, and they're displaying their anger on Google Plus -- but also announcing that all that data is now encrypted. When the news first broke, security engineer Brandon Downey expressed reasonable anger about the news:
Fuck these guys.

I've spent the last ten years of my life trying to keep Google's users safe and secure from the many diverse threats Google faces.

[...] But after spending all that time helping in my tiny way to protect Google -- one of the greatest things to arise from the internet -- seeing this, well, it's just a little like coming home from War with Sauron, destroying the One Ring, only to discover the NSA is on the front porch of the Shire chopping down the Party Tree and outsourcing all the hobbit farmers with half-orcs and whips.
On Tuesday, the Washington Post revealed a few more slides showing more details of the NSA's infiltration of private data links between data centers. In response to that, another security engineer, Mike Hearn, announced that all the traffic shown in those slides is now encrypted, along with his own "fuck you" to the NSA and GCHQ:
I now join him in issuing a giant Fuck You to the people who made these slides. I am not American, I am a Brit, but it's no different - GCHQ turns out to be even worse than the NSA.

We designed this system to keep criminals out. There's no ambiguity here. The warrant system with skeptical judges, paths for appeal, and rules of evidence was built from centuries of hard won experience. When it works, it represents as good a balance as we've got between the need to restrain the state and the need to keep crime in check. Bypassing that system is illegal for a good reason.

Unfortunately we live in a world where all too often, laws are for the little people. Nobody at GCHQ or the NSA will ever stand before a judge and answer for this industrial-scale subversion of the judicial process. In the absence of working law enforcement, we therefore do what internet engineers have always done - build more secure software. The traffic shown in the slides below is now all encrypted and the work the NSA/GCHQ staff did on understanding it, ruined.
Of course, some people might reasonably question the idea that Google is "little people" here. And, while it's good to see Google staffers furious about this, it remains to be seen if Google will actually do more about this. A lawsuit against the US government for hacking into its network seems called for. And, potentially against Level 3 as well, given that it appears Level 3 provided much of the dark fiber Google was using -- and the company gave a giant "if the government comes to us, we can't talk about it" response, that hinted strongly towards "the government came to us and had us tap Google's private links."

Hopefully, we'll start to see that employee anger over this turn into much more: including better privacy tools for users and using Google's political pull to fight the NSA in DC as well.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    That One Guy (profile), Nov 6th, 2013 @ 7:58am

    So...

    Anyone care to bet on how long it takes before the NSA and GCHQ start accusing Google of 'enabling and aiding terrorists by interfering with legal* surveillance efforts'?

    (Assuming they aren't already anyway, they do tend to lash out at critics fairly randomly)

    I'm guessing a week, tops, personally.

    *According to classified rulings by classified courts on classified interpretations of laws of course, 'cause public laws are the tools of terrorists don't you know! /s

     

    reply to this | link to this | view in thread ]

  2.  
    icon
    ltlw0lf (profile), Nov 6th, 2013 @ 9:02am

    Re: So...

    Anyone care to bet on how long it takes before the NSA and GCHQ start accusing Google of 'enabling and aiding terrorists by interfering with legal* surveillance efforts'?

    I'm actually happy all this has happened, as it has gotten me to think about how I do the back-end stuff too. Protecting the front-end left me with an M&M security model...soft chewy center with a hard shell. Even though my back-end was limited to lo0, and never touched the net, I am now working to encrypt all of my lo0 traffic. It increases latency, but in the long run, if the state can do it, it is only a short matter of time before bad-guys figure out how to do the same.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Nov 6th, 2013 @ 9:48am

    Re: Re: So...

    You are just making one small mistake, you assume that the state is *not* the bad guy. After all that came out recently, it stands to reason that the state is exactly what you need that protection against.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Glen, Nov 6th, 2013 @ 9:57am

    Google may not be a "little guy" but "little guys" like me use a lot of their services so I am ok with them using that phrase.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    JCDavis, Nov 6th, 2013 @ 9:58am

    Insiders

    I think it unlikely that NSA is satisfied with just tapping into the cables. They likely have spies inside these companies as well. There's no limit to what a government will do once it goes bad.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Mark Wing, Nov 6th, 2013 @ 9:59am

    Looking at the big picture, all these NSA revelations could end up as a net positive because now there is a renewed interest in privacy and security, which have never been on the public's radar and should have been all along. And now we're suddenly seeing much needed innovation.

     

    reply to this | link to this | view in thread ]

  7.  
    icon
    ChrisB (profile), Nov 6th, 2013 @ 10:02am

    Re:

    I agree. Further, corporations are normal to most people. Only about 10% of people are self-employee (sole proprietor). The rest work for large and small corporations.

    Government is the real anomaly. Using other peoples money to buy things they don't understand if they need, and then having no accountability when things go wrong. Sound like a teenager.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Nov 6th, 2013 @ 10:07am

    I've never trusted Google, or any corporation for that matter. Never have, never will. They're just out to make a profit. Privacy be damned.

     

    reply to this | link to this | view in thread ]

  9. This comment has been flagged by the community. Click here to show it
     
    identicon
    out_of_the_blue, Nov 6th, 2013 @ 10:12am

    Gee, just like that, added multi-GB/S encryption.

    Quite amazing, and could have done it all along with equipment already in place, eh? And these experts never suspected what I knew from casual reading.

    But does provide a PR story. So far as it goes in railing at criminals, that's fine, so long as no one believes that Google is/was so ignorant or then/now so "outraged".

    Remember, Google is secretive as NSA. They won't even tell us about barge plans, 'cause a showroom is too secret for the public to ever know about...

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anonymous Coward, Nov 6th, 2013 @ 10:18am

    Re: Insiders

    Most insiders will not have access to the encryption keys.

    This limits the number of insiders who have unrestricted access, and limits the damage the rest of the insiders do. If Google plays their cards right (harder to do, but possible), no insider will have unrestricted access.

    This increases the NSA's costs and makes it harder for them to do pervasive passive monitoring. Which is a good thing, since it forces them to target their resources at evildoers, instead of just invading the privacy of everyone.

    The point is not to make things impossible for the NSA. The point is to make them harder.

     

    reply to this | link to this | view in thread ]

  11. This comment has been flagged by the community. Click here to show it
     
    identicon
    out_of_the_blue, Nov 6th, 2013 @ 10:19am

    Re: Gee, just like that, added multi-GB/S encryption.

    PS: Where would we find independent verification of this alleged new encryptions, Mike? Just for one second suppose that Google can't be trusted: what's your slightest evidence that anything has changed? This may be nothing BUT a press release!

    Anyone who believes this is just the kind of trusting utterly unquestioning fool that con men -- and intelligence operatives -- just LOVE.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    RD, Nov 6th, 2013 @ 10:32am

    Re: Re: Gee, just like that, added multi-GB/S encryption.

    "PS: Where would we find independent verification of this alleged new encryptions, Mike? Just for one second suppose that Google can't be trusted: what's your slightest evidence that anything has changed? This may be nothing BUT a press release!"

    From the same place that your beloved *IAA organizations get their statistics data on "piracy" and "theft." What is YOUR evidence that the numbers and claims they make are valid? They can't be trusted any further, in like manner.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Anonymous Coward, Nov 6th, 2013 @ 10:43am

    another way of looking at what the NSA and GCHQ have been/are up to could be this. atm there is a court case going on in the UK where certain members of a now defunct newspaper, owned by one of the biggest hypocrites on the planet, in my opinion, Rupert Murdoch, are on trial for hacking into the mobile phones of certain people. what they did was absolutely disgraceful and there is no excuse that can justify it. however, it seems extremely two faced by the government to be aiding the pursuance of the supposed guilty parties in this event but doing absolutely nothing to apologize, address or stop what they have been doing via GCHQ and the NSA (the two have been working hand in glove for years) by way of spying on everyone in the UK and the EU. i read where Germany have summoned the UK ambassador in Berlin and this could end badly for the UK. i am surprised that there hasn't been more kick back via the EU so far, but the chance hasn't been lost yet!! i doubt if the EU is gonna be particularly enthralled about a member country spying on other member countries whilst in cahoots with the USA! there could be big poop flyin' around before too much longer!!

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Anonymous Coward, Nov 6th, 2013 @ 10:47am

    "We designed this system to keep criminals out."

    NOW you have. The biggest criminals are in government.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    S. T. Stone, Nov 6th, 2013 @ 11:06am

    I’m glad they used the actual word ‘fuck’ instead of resorting to a softer alternative.

    The word’s meant to shock people, and coming from Google reps, that should shock everyone.

     

    reply to this | link to this | view in thread ]

  16. This comment has been flagged by the community. Click here to show it
     
    identicon
    Anonymous Coward, Nov 6th, 2013 @ 11:09am

    This shit is hilarious. Google couldn't give two fucks about artists being exploited via their tech, but now that they're on the other end of the corn cob, they whine like 2 year olds.

    Hey Google: Fuck You. Karma strikes again.

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Anonymous Coward, Nov 6th, 2013 @ 11:12am

    Re: So...

    It doesn't matter. The documents that Snowden has already released goes into great depth on how they were able to break into and track IPV6 / HTTPS / VPN's.

     

    reply to this | link to this | view in thread ]

  18.  
    icon
    Chronno S. Trigger (profile), Nov 6th, 2013 @ 11:18am

    Re: Re: So...

    "The documents that Snowden has already released goes into great depth on how they were able to break into and track IPV6 / HTTPS / VPN's."

    That's what they're talking about, encrypting traffic over those channels. If you can't trust the channel's encryption (IPV6 is not encryption) then encrypt the data going over the channel.

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Anonymous Coward, Nov 6th, 2013 @ 11:20am

    "it remains to be seen if Google will actually do more about this"

    the real question is, will the average citizen do anything about this?

    the answer to that question is: no

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Anonymous Coward, Nov 6th, 2013 @ 11:32am

    Re:

    what artists being exploited how?

    difficulty: show your work

     

    reply to this | link to this | view in thread ]

  21.  
    icon
    Rapnel (profile), Nov 6th, 2013 @ 11:32am

    Re:

    No, no, fuck you, copyright maximalist prick. Fuck you for supporting an industry of absolute fucking idiocy and grounding the ideal that means of communications can be dictated, monitored and manipulated for profit.

    Karma hasn't even kicked in yet. It's still itemising the charges. Mafiaa cunt.

     

    reply to this | link to this | view in thread ]

  22.  
    icon
    Gwiz (profile), Nov 6th, 2013 @ 11:34am

    Re:

    This shit is hilarious. Google couldn't give two fucks about artists being exploited via their tech....


    Huh. Didn't Google develop a ContentID system and a easy DMCA notice system on their own dime? I don't recall any artists, label or movie studios chipping in any cash for that.

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Anonymous Coward, Nov 6th, 2013 @ 11:37am

    Re:

    Fuck you ungrateful prick.

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    Anonymous Coward, Nov 6th, 2013 @ 11:41am

    Re:

    "Google couldn't give two fucks about artists being exploited via their tech"

    When did this turn in to a copyright story and at what point in time did google ever help any artists being exploited?

    You always forget that the people who exploit the artists the most are the big labels/studios/publishers that are represented by the AA's and who you so vehemently defend.

     

    reply to this | link to this | view in thread ]

  25.  
    icon
    gorehound (profile), Nov 6th, 2013 @ 11:44am

    I wonder what the Government could do if all the huge Tech came together and at the same time issued a joint Statement of FUCK OFF TO NSA ! Tech is so needed and a part of all life so what happens when you get a TECH REVOLT.
    What you Gov going to do about it when your Apple and your Windows and all that other good stuff says a big FUCK YOU to you.
    How you going to shut down what the World depends on !!!

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    Anonymous Coward, Nov 6th, 2013 @ 12:14pm

    Re: Re:

    Damn. Next time, tell him how you REALLY feel. :)

     

    reply to this | link to this | view in thread ]

  27.  
    icon
    Rapnel (profile), Nov 6th, 2013 @ 12:18pm

    Re: Re: Re:

    Nah man, the first two words of the posting are "Pissed off" and so I thought I'd make a good go of keeping that in mind through the entire read. Then I tripped over Retardo Maximo and threw it a bone.

     

    reply to this | link to this | view in thread ]

  28.  
    identicon
    vastrightwing, Nov 6th, 2013 @ 12:18pm

    But what about the DCMA?

    According to the Digital Millennium Copyright Act, the NSA is circumventing measures that control access. Who knows, there may be actual copyright damages as well. Do we know many petabytes of MP3s and video that have been copied? The RIAA and MPAA and all the other rights organizations should be investigating how many files have been copied.

    Go get 'em!

     

    reply to this | link to this | view in thread ]

  29.  
    icon
    Rapnel (profile), Nov 6th, 2013 @ 12:25pm

    Re: Re:

    Did you not recognise that our digital lives seem to be copyrighted by everyone save those that live them and that one's only recourse is through encryption and that even then all of the information that exists about you, for you and in spite of you that is not encrypted is completely beyond your legal reach much less your control?

     

    reply to this | link to this | view in thread ]

  30.  
    identicon
    Anonymous Coward, Nov 6th, 2013 @ 12:36pm

    Re: So...

    Actually, I doubt very seriously that that will happen and if it does at all it will be more of an implication made by a handful of politician than a outright accusation coming from the government. The reason is this. They are desperately trying to spin all of this to the people as good for them. Attacking Google by saying that they are aiding terrorists would imply that all of the people who use and support Google would also be aiding terrorists. The RIAA and MPAA might think it's a good PR strategy to outright attack the people who are supporting you but the NSA and GCHQ are not quite THAT stupid.

     

    reply to this | link to this | view in thread ]

  31.  
    identicon
    Anonymous Coward, Nov 6th, 2013 @ 12:39pm

    Re: Re: Insiders

    "The point is not to make things impossible for the NSA. The point is to make them harder."

    The point is to make it cost prohibitive.

     

    reply to this | link to this | view in thread ]

  32.  
    identicon
    Mr. Oizo, Nov 6th, 2013 @ 12:55pm

    Google IS the NSA, how difficult is that to understand ?

    Every response coming from google is made to keep on getting that precious information while at the same time calming down public opinion.

     

    reply to this | link to this | view in thread ]

  33.  
    icon
    John Fenderson (profile), Nov 6th, 2013 @ 1:18pm

    Re: Google IS the NSA, how difficult is that to understand ?

    I wish that were true. I would be very happy if Google replaced the NSA, as I can avoid being monitored by Google.

     

    reply to this | link to this | view in thread ]

  34.  
    identicon
    phils, Nov 6th, 2013 @ 1:37pm

    Thank you Brandon and Mike.

     

    reply to this | link to this | view in thread ]

  35.  
    identicon
    Sambo, Nov 6th, 2013 @ 3:47pm

    waiting

    It's ok

    The DOJ, as shown by their recent history is no doubt obviously about to pursue the NSA to their demise for abuses under the CFAA.

    Oh.

    Maybe not.

     

    reply to this | link to this | view in thread ]

  36.  
    icon
    Richard (profile), Nov 7th, 2013 @ 2:03am

    I'm a little surprised that a google engineer hasn't actually read Lord of the Rings... what he described in the first post is actually in the book, sorta

     

    reply to this | link to this | view in thread ]

  37.  
    icon
    Niall (profile), Nov 7th, 2013 @ 4:26am

    Re: Re: Re: Insiders

    They'll just write another blank cheque, paid for by defunding food stamps or veteran medicare or something.

     

    reply to this | link to this | view in thread ]

  38.  
    icon
    Niall (profile), Nov 7th, 2013 @ 4:29am

    Re:

    Erm, he obviously has, as he's exactly describing what does happen. He may not have expressed it perfectly, but that's what he was saying he felt like - how the four hobbits would have felt on returning to the wrecked Shire.

     

    reply to this | link to this | view in thread ]

  39.  
    identicon
    Anonymous Coward, Nov 7th, 2013 @ 4:46am

    Oh NOW Google is against "if you have nothing to hide" argument.

     

    reply to this | link to this | view in thread ]

  40.  
    identicon
    Anonymous Coward, Nov 7th, 2013 @ 12:10pm

    Re: Re: So...

    Are you sure? We live in a time full of stupid speakers, after all.

     

    reply to this | link to this | view in thread ]

  41.  
    icon
    JMT (profile), Nov 7th, 2013 @ 3:00pm

    Re:

    "Google couldn't give two fucks about artists being exploited via their tech..."

    And the record labels and movie studios couldn't give two fucks about artists being exploited via their one-sided contracts and fraudulent accounting practices. Seems those poor artists can't catch a break from anyone!

     

    reply to this | link to this | view in thread ]

  42.  
    identicon
    Anonymous Coward, Nov 7th, 2013 @ 10:18pm

    Translation

    Hey! Don't steal our users private data from us! We stole it from our users fair and square, and we will not give it up!

     

    reply to this | link to this | view in thread ]

  43.  
    identicon
    stfual, Nov 19th, 2013 @ 1:23am

    Snowdon x 50,000 = Google

    So what about rogue Google employees ? What's my protection against a Google lackey doing a Snowden and walking out the door with some or all of Google's data and selling or giving it to the nearest criminal or government?

    And how exactly am I protected by Google's privacy policy which seems to say you can take my text,images,location,contacts,voice and exploit it in any way you want. Which in a public company always ends up being the highest bidder.

     

    reply to this | link to this | view in thread ]

  44.  
    identicon
    Trevor Grant, Dec 4th, 2013 @ 5:58am

    Angrynet

    I would liken this assault on the Internet by a public company as a rotten tomato; nothing to keep your prostate healthy. Admire you for speaking.

     

    reply to this | link to this | view in thread ]

  45.  
    identicon
    Jed Clampert, Dec 17th, 2013 @ 9:18pm

    The NSA Does NOT Own the Infrastucture

    THE NSA CANNOT CONDUCT SURVEILLANCE UNLESS GOOGLE LETS THEM.

    Level3, ATT, Verizon, Google ... they are the arm of surveillance.

     

    reply to this | link to this | view in thread ]

  46.  
    identicon
    Eyal, Jan 11th, 2014 @ 6:56am

    A Nice goole PR but google joined PRISM

    google have joined PRISM(NSA program ) in 2009
    so google and the NSA siting on a tree and kissing since then

     

    reply to this | link to this | view in thread ]

  47.  
    identicon
    Krishna Rama, Jan 22nd, 2014 @ 9:53am

    Re: Re: So...

    Well the state are the bad guys and I think they have consistently proved this time and time again........

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This