Associated Press | Computer hackers stole a program that
controlled access to most of Google Inc.’s services when they attacked
the Internet company late last year, according to a report published
late Monday.
The story in The New York Times provided more details about an
intrusion that provoked a politically charged showdown between Google
and China’s government over Internet censorship and computer security.
The Times said it obtained the information from an unnamed person with direct knowledge of the investigation into the break-in that Google has traced to China.
Google declined to comment specifically on the Times’ story. A spokeswoman reiterated Google’s previous assertions that the attacks on the company didn’t obtain any personal information from its users’ e-mail accounts.
The stolen password system was called Gaia, a reference to the Greek goddess of earth, according to the Times. Besides e-mail, Gaia also governed access to the online services that Google sells to businesses, government agencies and schools.
Without providing specifics, Google acknowledged some of its intellectual property had been stolen when it announced the hacking attacks in January. The heist prompted Google to tighten its computer security.
At least 20 other companies were targeted in similar attacks, according to Google.
The breach incensed Google so much that the company decided to protest the country’s laws dictating the censorship of Internet search results deemed to be subversive or pornographic by the government. Google started censoring in China four years ago when it set up a search engine inside of the country to gain better access to the world’s largest Web audience.
After unsuccessfully trying to negotiate a compromise with China’s ruling party, Google last month began to shift search requests from mainland China to Hong Kong, where online censorship isn’t required.
So much for keeping your data in the cloud. Ooops!
I wonder if this had something to do when my secondary email was receiving lost password requests from my gmail account?
The Knower you think your data is safe inside your infrastructure?
“I wonder if this had something to do when my secondary email was receiving lost password requests from my gmail account?”
That’s probably just due to idiots. I have one account I set up during early gmail beta testing, and I’ve had something like 20-odd people try to directly accuse me of “hacking” their account and stealing it over the past six-seven years. I get password reset emails on my primary for that account probably monthly.
I bet it’s safer than the cloud. For starters, my data/infrastructure doesn’t have a big bullseye target painted on it the way Google, Microsoft, or any other cloud-provider does.
When the Government can’t figure out all the phantom activity on the net at off hours or cannot track down email spamming applications, don’t look to have Security Issues addressed or solved for the current Internet implementation. The IP packet protocol was never designed for security – spoofed Mac Address anyone? IP needs to be completely readdressed. Cloud Computing is just a new wrinkle in data security problems just waiting to happen… But then again, all I know are show tunes. “Sing out, Louise!”
No, data is vulnerable almost everywhere. The point is, when I control the data, I am personally responsible for securing it. When I let key corporate data sit out ‘in the cloud’ I’m at the mercy of the cloud provider’s dumbest employee.