It was discovered that Google street view cars intercepted and stored the communication contents of the wireless LAN in the streets around the world including Japan
ByJamison Wieser
According to Google's official announcement on the blog, previously reported in GIGAZINEGoogle Street ViewRunning around the whole world for "The Google street view car scans the wireless LAN in the street and records it, start display by the end of 2010"Not only the SSID and the MAC address but also the contents of the communication by the unencrypted wireless LAN was recorded as it was.
Details on what we were logging on are as follows.
European Public Policy Blog: WiFi data collection: An update
http://googlepolicyeurope.blogspot.com/2010/05/wifi-data-collection-update.html
Official Google Blog: WiFi data collection: An update
http://googleblog.blogspot.com/2010/05/wifi-data-collection-update.html
Although not stated in the official blog above,Asahi Shimbun and other media coverageAccording to, it seems that the Google Street view car of Japan is also included.
According to Google, the DPA (Personal Data Protection Authority) in Hamburg, Germany, 9 days before the local time May 14, audits the contents of what Google Street Viewer is scanning the SSID and MAC address He asked me to do it, so he gave it permission. In the first place, the SSID and MAC address of the wireless LAN broadband router and the wireless LAN access point collected by the Google street view car are displayed on Google Maps without using the location-based service in the mobile version of Google Maps, eg GPS It seems that they were collecting and recording for use in such services, such as searching for the nearest restaurant or address without using GPS, etc.
The DPA in Germany notified Google that we should review all of the collected data, so after re-examining according to the notice, it was confirmed that not only SSID and MAC address but also different data was collected and recorded It turned out.
First of all, the data of wireless LAN which I thought Google had collected was the following two kinds.
· SSID (Wifi network name)
MAC address (a unique name given to the wireless LAN router)
However, actually another one was collected.
· Unencrypted payload data (communication data not encrypted with WEP etc.)
This payload data is simply the user's communication information. For example, if you send mail via an unencrypted wireless LAN, it is the contents of the mail. Likewise, it includes contents of pages, websites and blogs browsed via unencrypted wireless LAN. In short, it means all information communicated via wireless LAN that is not encrypted.
Strictly speaking, Google Street View Car is gathering while moving, and it is not staying in one place, so the payload data actually recorded and saved is only a part of the communication contents, and itself Most cases do not make sense. In addition, the system that records the SSID and MAC address of the wireless LAN installed in the car of the Google street view car changed the channel five times per second, and recorded only "fragments" of the payload data .
Google explained about why we recorded data other than SSID and MAC address, and engineers who tackle wireless LAN projects in 2006 originally wrote all the data transmitted by broadcast using wireless LAN It is said that it was caused by writing one code to be sampled. When we started the project of Google's mobile team gathering SSID and MAC address using Google Street viewer in the past year, it is already said that this code was mixed in their software . Of course, the leader of this project did not consider collecting payload data nor using it, so it was incorrectly recording data.
As soon as we know this fact, Google immediately suspended the Google street viewer, separated the collected data from our network, and made it impossible to access that data. Google hopes to delete these payload data as soon as possible and is currently in contact with relevant organizations around the world.
Google says, "Maintaining people's trust is important for everything we do. We are apologizing for this incident that we have threatened this trust, and the following I promise to do it.
· Ask third parties to investigate the software you are using with Google Street Viewer. How the software works, what data is collected, and whether Google deleted them properly.
· To control information gathered by Google, it is guaranteed internally that sound management procedures are properly controlled and worked on when such problems arise in the future.
For that reason, it seems that now, Google judged that it is best to stop collecting any information on wireless LAN using Google Street View Car.
今回の件についてGoogleは、暗号化されておらず誰でもアクセス可能な無線LANアクセスポイントがどれだけたくさんあるかがわかったはずである、としています。さらに今年の初めにGoogleのGmailのアクセスを「http://」ではなく「https://」も使えるようにして全ユーザーに暗号化通信を選択できるようにし、来週にはGoogleの検索についても「http://」ではなく「https://」も使えるようにする予定だそうです。
Finally, Google 's engineering team is working diligently to gain the trust of people, but I am afraid that I have failed on this case.
· Bonus
The Google street view car being forbidden by the police for some reason
ByDspain
Related Posts:
in Note, Posted by darkhorse