AG's complaint against google

[crp]

This could go in any of several forum topics here. Here is a link to the pdf of the 20 or so State Attorney General complaint. The judge recently ordered that the redactions should be purged so now we have quite a few more details and direct words of what google (and facebook) were doing.

https://storage.courtlistener.com/recap/gov.uscourts.nysd.564903/gov.uscourts.nysd.564903.152.0_1.pdf

 

[securitybreach]

Unfortunately, the tech companies have too much power and influence for any real change to occur.

[sunrat]

3 hours ago, securitybreach said:

Unfortunately, the tech companies have too much power and influence for any real change to occur.

 

Trouble is, without real change occurring we will continue to have our privacy and security eroded. Too many tech companies have gone too far already.

[Digerati]

I think it important we all take note there is a HUGE difference between privacy and security. 

 

Google, Facebook, Microsoft and the other big names are NOT trying to get our bank account numbers and passwords for example, nor are they trying to install malware on our systems. 

 

But for sure, Google and Facebook in particular are indeed trying to learn just about everything else about us, in terms of our likes and dislikes, so they can target ads for products they believe we will like, and buy, so they can get their "vig". 

 

And for sure, at least in my opinion, Google and Facebook are the biggest bad guys among the good guys, if you will - even way more than Microsoft, actually, but that's for a different discussion. 

 

When it comes to privacy and security, my bigger concerns are our ISPs. Why? Because our ISPs know our real names, our street addresses, and they already have our billing information, to include our social security numbers (at least in the US). They also know our surfing habits and in many cases, our email habits too. 

 

But the even bigger threat is our cell phone providers. They not only know our real names and billing information, they know our phone number too. And they know who we talk to and text with. But that is not the worst of it. Our cell phone carriers know where we are standing to within a few feet, to include what store and even which aisle in that store we are in! They know where we have been, what direction we are heading, and how fast we are moving.

 

But that's not what even scares me the most. What really scares me is all the network breaches and hacks that could easily be prevented had only the IT and security managers and C-Level execs not been lazy, negligent and complacent and simply did their jobs. And if they fail to do their jobs, they need to be held accountable. But they rarely are. 

 

For example, if you look at the massive Equifax breach,

 

Quote

 

...attackers exfiltrated hundreds of millions of customer records from the credit reporting agency.

 

It potentially affected 143 million people — more than 40 percent of the population of the United States — whose names, addresses, dates of birth, Social Security numbers, and drivers' licenses numbers were exposed. A small subset of the records — on the order of about 200,000 — also included credit card numbers

 

 

Note the report points out, among other problems, there was, "lax security", "bumbling response" to the breach, and "corruption" at the top executive level. 

 

And the breach happened because the bad guys exploited an already known vulnerability! How? Because the IT and security managers responsible failed to apply the available patch. The program developers had previously identified, developed and distributed to Equifax, the critical update to fix and secure that vulnerability - months prior to the breach! 

 

Not only that, but all the personal information was stored on the Equifax servers in the clear! It was not encrypted. 

 

And not one person was held accountable! Just one executive officer spent a few days in jail - but that was for "insider trading". He quickly sold off his Equifax stocks before the prices tanked after he learned about the breach a few days before it was publicly announced. 

 

That lack of accountability with the Equifax breach (and countless other breaches) tells other C-Level execs, IT and security managers that they don't have to worry about security. This is because no one will be held accountable if they fail - even through total negligence - to secure our personal information.

 

Circling back to Google and Facebook, and Twitter too is they are taking "Freedom of speech" too literally and are then using that right to shield themselves from any and all culpability and liability. They need to stop hiding from that and take responsibility to ensure their platforms are NOT used to spread lies, falsehoods, hate (and yes, insurrection). 

 

Lets not forget that much of what Google and Facebook know is because so many of us humans readily share it with them! People post their entire lives out there. They announce on Twitter and Facebook through Chrome that they are going on vacation, then they are surprised to see their house was robbed when they were gone.  Is that really Google or Facebook's fault?