Google and NSA Teaming Up 125
i_frame writes "The Washington Post reports that 'Under an agreement that is still being finalized, the National Security Agency would help Google analyze a major corporate espionage attack that the firm said originated in China and targeted its computer networks, according to cybersecurity experts familiar with the matter. The objective is to better defend Google — and its users — from future attack.'"
Re:Defend its users? (Score:2, Interesting)
Your "media streamer" system has 125 times the amount of memory, about 70 to 100 times the processing power, and probably several hundred times the storage space of the mail server I set up for a company with 40,000 users back in the late 1990s.
Thanks to Sun hardware and Solaris, that system handled the load just fine, and even did some rudimentary spam filtering. I doubt you could even generate a similar load on your system. If it can't handle a small fraction of what we could easily handle over a decade ago, then something is really fucked up.
post chinese leaders' emails (Score:4, Interesting)
Different Experts , but also deniability (Score:5, Interesting)
I've said it before, but if Google's investigation points to Chinese government IPs, they must tread on careful ground because they have employees in China that could go to gulag if Google gets too curious.
Involving the NSA allows them a certain level of deniability/immunity, and let's face it, the NSA probably has been tracking Chinese Gov't IP's a lot longer than anyone, so I think it's not a question of 'better' experts, it more a question of experts experienced in doing what Google wants.
I still believe that Google is still holding cards to their chest. I mean, how many other corporate hacks have occurred where the corporation has publicly requested the assistance of the NSA?? I'm not aware of any (though I'm sure someone will post a link showing how little I know!). So I think Google already has very good evidence that the Chinese Gov't was behind it, but is afraid to make that information public.
Google can Read Your Mind... (Score:5, Interesting)
Google has always been able to use the things people are looking up for evil: if someone using Apple's IP googles a particular microchip's specs, you might infer from that that they might be thinking of using that chip soon.
How about a Chinese IP googling "openssl 0.9.6 exploit".. especially if that IP was just visiting www.$SOMESITE.gov, where the HTTP-headers mention it's using "openssl-0.9.6". Or a Saudi Arabian IP googling for flight info inside the US, and a few seconds later, a Yemeni IP opening up the same URL (hmm, although without that site's cooperation, the NSA won't be able to see that, or are they..?)
Such powers would be interesting, for the wielder. Not so much for victims of its inevitable abuse.
Re:Conversation between Google and NSA (Score:4, Interesting)
Re:Defend its users? (Score:5, Interesting)
Cloud computing has interesting security implications.
The IT security team protecting Gmail are better at security than the team protecting your average datacenter, and they are FAR better at security than your average small business or home user "IT security team."
But on the other hand, far more attackers are going to try far harder to get into gmail than to get into your small business mail server.
So how do these factors balance out? On the whole, I think medium-to-large businesses with dedicated IT security staff will provide better security than you would get by cloudsourced IT; but the small businesses with no dedicated IT security staff really would be better off, from a security perspective, sending their IT systems to "the cloud."
Re:simple (Score:3, Interesting)
They are building big time in the fly over states.
Not Japan, Australia, the UK ect.
They care about you a lot.
Re:Shocked. Shocked, I Tell You. (Score:1, Interesting)
wasn't their first cto or cso former head of nsa?
Re:Anonymous Coward Trolls (Score:2, Interesting)