• Oct 26th 2010 at 9:59AM
  • 31
Remember when we mentioned that Google, through its Street View camera cars, had accidentally captured "bits of data" from unsecured WiFi networks? The search engine giant has now admitted that the street mapping cars captured quite a more. In fact, when the vehicles found open networks they were apparently able to snag passwords, emails and web pages.

How's that? The antennae on top of a Street View car registers the name and location of any available network as it passes through a given neighborhood. This data is then used to sell advertising. Google had initially said that the antennae only captured a small amount of data, but now it appears that that potentially millions of emails and passwords were recorded.

The company says this was all a mistake and is offering an apology. As soon as they found out their cars were capable of recording such information, the entire fleet was grounded and the authorities were alerted. Google has since changed its vehicles so that they no longer collect wireless information.

This is not enough for some. According to The Daily Mail, the UK's Information Commissioner's Office is launching an investigation and Scotland Yard is checking to see if laws were broken. Privacy advocates are calling this a massive scandal, seeking further investigation and third party audits.

[Source: The Daily Mail]

I'm reporting this comment as:

Reported comments and users are reviewed by Autoblog staff 24 hours a day, seven days a week to determine whether they violate Community Guideline. Accounts are penalized for Community Guidelines violations and serious or repeated violations can lead to account termination.

    • 1 Second Ago
      • 4 Years Ago
      That's what Google is. Tracking down everything that we do.
      • 4 Years Ago
      Yea, we just turned on this system and it just so happens that the skimming software inadvertently captures emails and passwords and web pages AND FILES THEM. What a pack of lies.
      • 4 Years Ago
      Google by its original design collects information on every search conducted using its search engine and no one outside a select few inside Google really know how Google stores or uses this information. This is what Google does, collects information and then sells it. Google designed the street view information collection from the outset to do what Google does collect as much information as it can to sell. Google telling us that it did not know what or how the Google designed system collected the information and it was in error is an open invitation to the DOJ to use its subpoena power to seize Google's systems and conduct a full investigation into the invasion of privacy of citizens. Google knew exactly what it was doing and had the capability to do.
      • 4 Years Ago
      Surely this goes against their "don't be evil" rule.

      This is also pretty invasive for a company whose CEO blacklisted CNET.com for Googling him.
        • 4 Years Ago
        "NO Google didnt make a mistake. They accidentally collected free transmitting information. Ever use a CB radio? Its open and in the clear, you cant say something over it, and get pissed when someone hears what you said. "

        Yes, Google did make a mistake. What the program SHOULD have done was collect the network identifier, only the network identifier, and nothing but the network identifier and then move on. What they did after they realized what happened is EXACTLY what they were supposed to do. Cooperate with officials, and inform everyone of the information.

        I won't say its entirely Google's fault, but fact remains that the program didn't function as it should have.

        Your argument is like saying just because I left my doors unlocked, someone has the right to take my TV. Is the network admin at fault? Yep. Does Google take some blame? Most def. Am I going to allow Google to keep managing my personal information (calendar, contacts, email, etc.)? Until something better and free comes along.
        • 4 Years Ago
        I know I'm going to get downranked for this, but I believe it to be true.

        Answer me something. What good does all this information do Google? And if it did gain them anything, why would they have been so upfront about it?

        Did Google make a mistake? Yes. Is it as big a deal as people are making it out to be? No.

        It make absolutely no sense for Google to get this information and then sell it. Could you imagine the mass exodus that would ensue from something like that? Google makes their money from search advertisements. If people leave the site (and Bing is actually a fairly good alternative now), their revenue stream comes to a screeching halt. Don't believe that's where they make their money? http://d0x.com/how-does-google-make-money.html

        I'd be surprised if Google actually wanted to keep that information for any amount of time. Information like this is a HUGE liability. They may have to keep it so that if they get investigated, they can show investigators exactly what they have.

        And guess what? Maybe this will teach some people to secure their network. This only picks up packets on open (unsecured) networks. Even if you're using the craphole that is WEP, you're still protected (from Google anyway). Will I go so far as to say these people deserved to get their information taken? No. Google should have been more careful. But I'm willing to believe that this is/was a one time occurrence.

        • 4 Years Ago
        "Did Google make a mistake? Yes. Is it as big a deal as people are making it out to be? No."

        NO Google didnt make a mistake. They accidentally collected free transmitting information. Ever use a CB radio? Its open and in the clear, you cant say something over it, and get pissed when someone hears what you said.

        Google wasnt WAR driving, meaning, they werent driving around cracking the encyption on networks in order to gain access and archive data... their computers just collected clear text data benig broadcasted.

        Typing your credit card number over unencrypted wifi is no different then saying your credit card number over a CB radio.

        If someone is broadcasting unencrypted information into your home, they are literally sending you their information.

        But again, people dont understand how to secure their toy, so it must be googles fault!
        • 4 Years Ago

        I will post what i posted earlier....

        "The google-mobile was designed to take in free and clear traffic. It would be like if it was set to record sound rather then data, and you were on a megaphone blasting your credit card info in public. The sound would be recorded. When you set up a wifi, it pushs radio waves out, and they go outside of your house/driveway, no different then a speaker blasting sound. "

        Again with another flawed comparion.

        Leaving your house unlocked is different then you BROADCASTING your information to me... you are basically giving/pushing your information upon the recording device google used like sound upon a mic.

        The TV doesnt float out the door, and push itself upon the robber.
      • 4 Years Ago
      On the surface it seems like a good idea to photograph everything and put it online for everyone for free... Streetview that is. But Google is making money through advertising by providing this service. They are making money by putting pictures of your home online. I would suggest that everyone ask Google to remove their homes from Streetview OR have Google pay each homeowner based on the number of views that are served of your home. It's bound to happen sooner or later.
      • 4 Years Ago
      Big brother of a different kind.
        • 4 Years Ago
        I leave my motorcycle in the driveway, does that give someone permission to steal it? I agree that people need to protect their network properly, but Google stole from them. And I don't for one minute believe that Google didn't know that was going on, they are harvesters of any information they can gather, any where anytime. It's like a hungry shark on the prowl, keep your feet out of the water, because Google is an evil awful company, IMHO.
        • 4 Years Ago
        @jesscott... no, but it does not give you the right to complain if someone takes a picture of it. Nothing was 'stolen', just a recording of what was being publicly broadcast.
        • 4 Years Ago

        Why would Google spend money on something they can't benefit from? They can't sell ads for you to view it, they can't sell it to others...see where I'm going with this?

        However, server space costs money. You have to pay energy costs, maintenance, people to monitor the equipment, property to house them, upgrades, and at you can't be at 100% capacity so that if you have a spike in traffic, a DDoS, or equipment just fails, your network doesn't go down.
        • 4 Years Ago
        You cant leave your doors and windows open on your house, and then complain when someone outside sees you walking around in your underwear... This is the same with networks. Using a decent password, along with blocking your SSID from trasmitting to everyone in there mother is a simple way to prevent this problem.

        But people are stupid, and dont know how to work their toys, so they leave their network unencrypted and open, literally broadcasting out to the surrounding area their information. When you use wireless, you are BROADCASTING you information out to the world. If you dont protect it, it is simply open for someone to see.

        So rather then take responsibility for the fact that they dont understand their toy, something that if not managed can be very dangerous, people will try to put the blam elsewhere.

        The funny thing is, most people dont even realize what their doing is wrong. If a person buys an M80, doesnt know how to use it, and blows their hand off... its not the companies fault that produced it...
      • 4 Years Ago
      People conveniently forget or are simply don't know that using an unprotected wireless network and unprotected connection to servers to transmit passwords is tantamount to shouting it out as loud as you can to the street.

      Should you hear someone shouting his password while traveling down the street, you'd correctly think that this is silly behavior. If you were to record street sounds as you travel along for some purpose and happen to record the shout, would you do anything special to help that person keep his password safe? Most people will do nothing.

      People should start using a password on their wireless network.
      People should stop sending passwords in the clear over any communication channel.
      • 4 Years Ago
      Google should be held to this.
      "O, lets take streetView pictures, great. Even better, lets break into wireless networks while we're at it simply because we can". Unbelievable.
        • 4 Years Ago
        You don't know what you're talking about. There's a reason behind the packet sniffing. A company this large and this reliable on public perception definitely wouldn't do something like this on purpose.

        Now I want you to tell me something. What exactly is Google going to do with your password? Go buy a TV on Amazon? Steal all the money out of your bank account? Sell the password? Storage of information costs money. I'm not going to spend money just for the hell of it.
      • 4 Years Ago
      And this is on Autoblog why, exactly? Just because a car was involved? Shouldn't AB cover bank robberies and drug deals too if a getaway card was used? Sigh...

      As to the specifics, its obvious that whoever was writing the summary hasn't had much experience with computer security.

      Think of it this way: Google was going from place to place recording sounds in order to facilitate a "where am I?" service based on what your celphone was hearing, using only sounds available when driving down public streets. When they passed through some neighborhoods they heard people yelling the passwords to their safes out loud. When they realized this, they stopped what they were doing and alerted the authorities to help them delete the tapes.

      Still scary to you?

      Still think they could somehow have listened to the "noise" while not recording the safe combinations (without first listening to them)?

      Use WPA on your wireless connection with a password - any password - and this won't affect you. Use no encryption whatsoever, and somebody with less morals than google probably already has your stuff.
        • 4 Years Ago
        "Looks like google has been recording more than just sounds. They seem to have a program to collect whatever is being transferred in the wifi signal. This program has to be designed deliberately by a human to collect data from every wifi signal. I don't think that this is a bug...... it is a deliberate attempt. way to go google."

        Its a packet sniffer. It was supposed to log a specific subset of data and discard the rest of the packet(s). It collected packets, but it didn't discard the information it was supposed to.

        Mistakes in computer programs happen. Deal with it or stop using technology.
        • 4 Years Ago
        This is a MUCH better analogy than a motorcycle in the driveway. If you overhear someone's password or safe combination, should you be taken to court? No, of course not. But that person should be more careful and not be too surprised when his data or safe contents are stolen.

        If Google used the information for bad, then there might be a case. Blame should also be placed on the users of the unsecured networks, as well as the owners of those networks.

        Take responsibility for your own actions! ... or lack of action in this case.
      • 4 Years Ago
      This is gonna keep the aluminum foil hats talking for a while.
        • 4 Years Ago
        Do you know where I can get one......LOL
      • 4 Years Ago
      What data did they intend to capture and how did they use the data they captured?

      If they inadvertently recorded unencrypted traffic, but neither used it nor made it available to others, and they're not keeping it, then I don't think "swiped" is quite the right verb.
        • 4 Years Ago
        They use the network locations in relation to each other to allow non GPS devices (WiFi iPad, etc.) to determine more closely where they are.

        If the signal strength of several wifi networks is a certain amount, you're probably somewhere around a certain area.
      • 4 Years Ago
      Pays to be cautious.
    • Load More Comments
    Share This Photo X