Google Collected Passwords in Wi-Fi Sweeps

Do No Evil.

O... sh*t.

Google Google... twice as evil as Google.

WHY WOULD YOU DO THIS I LOVED YOU SO MUCH

I have no problems with google spying on the french.

next time encrypt your shit.

Google the paparazzi of the internet. Lol

"It was an accident"

just change ur password sheesh

If you take a random sampling of network traffic, statistics tell us that a portion of it is almost certainly going to contain passwords and email. It'll also contain pictures of puppies, but I don't see people screaming about how Google secretly captured those.

I for one am not convinced that it was deliberate. I can't see them deciding to do something so obviously objectionable to get their hands on data that I don't think they really have much use for. After all, they already have a massive amount of our data on their servers, including our email and their associated passwords. Why do something sneaky and possibly illegal to capture little bits and pieces of it at random?

I also note that they've been quite open and cooperative about the issue.

Anyone concerned by having their network traffic captured really needs to learn how to encrypt their wifi. It's not the big businesses you need to be afraid of, it's the guy next door who likes stealing WoW accounts or credit card details. If you're using either over an unencrypted wifi network you might as well stand on your lawn and shout out your passwords.

They could have just asked the French for their passwords. France probably would have capitulated on the spot.

so they are saying...google needed to come by my house, and scan my wifi to steal my gmail password, they already have on their own servers?

I still cant believe that NO ONE blames the people for having a totally open, anyone in your neighborhood can access it wifi anyway.
Thats the first thing I thought of "people with open to the public wifi complaining that someone out in the public accessed it?"

this is turning into a witch hunt now, people with pitchforks and torches just looking for somewhere to use them.

Lmao, I couldn't agree more. Just because you have terrible security doesn't mean you can blame Google

Hey i happen to be french. of course my family was exiled, i guess we didn't surrender fast enough

Who cares?

Idiots who believe Kevin Parrish's scare mongering probably think it was both purpose and intended.

1) If Wifi is unencrypted it means people can view ANYTHING you send on your Wifi unless it is encrypted.
2) The most common online protocol is HTTP. HTTP isn't encrypted.
3) Thus, if you send your password over HTTP, anyone can view it.
4) Google was accidentally (or not) collecting data from unencrypted wifi.
5) If users were using insecure websites that pass your passwords over HTTP, then Google, any ANYONE ELSE would see it.
6) The fault of the passwords in plaintext is the fault of the website.
7) The fault of the open wifi is the owner of the network
7.1) Or the user's for using a public hotspot and not expecting it
8) It is Google's fault for sniffing.

Google did not take these passwords maliciously, it claims to not even mean to be sniffing data packets anyway.

tldr; Wifi unencrypted on insecure site = bad. Not Google's fault.

Is an unsecure wifi network! Google was collecting everything including email password and content (ports 25/110/143.) I ain't taking Google's side, but don't make the Title sounds like Google was after the passwords.

Agreed, if you randomly take gigabytes of unencrypted wireless traffic, chances are you're going to get at least a few passwords in there.

Anyone who accesses secure websites and sends password or credit card info over an unsecured wifi network is a complete moron and deserves the headache of dealing with fraudulent charges and identity theft. Google did nothing wrong here.

That's what he said. (Couldn't resist )

Anyways, if you have an unencrypted or an encrypted with WEP you deserve to be hacked. It's child's play to crack WEP now.

All I got out of this article is that there are still a lot of people stupid enough to use passwords over unprotected WiFi connections.

The point is...

You may not eavesdrop and then collect and copy wire data. Accidental or not, it is illegal in most countries.

Is it just me or is this skewed to make everything sound deliberate?

It doesn't say weather passwords and email account data was inside the packets that the software was taking, or if the software was DESIGNED or used for the purpose of collecting these specific things. It makes a HUGE difference in terms of what Google is 'guilty' of. From what I've read in various articles about this, the software was taking more data than Google wanted.

Also, on the whole thing of it taking MAC addresses, this could have been to ensure the unique identity of a network. Because God knows how many networks are named 'linksys' or 'NETGEAR' in just a single neighborhood.

Oh Google. When I warm up to your existence, you turn around and stab me in the back. Well played.

ohh la la, the French now has your password.

[citation]Anyways, if you have an unencrypted or an encrypted with WEP you deserve to be hacked. It's child's play to crack WEP now.[/citation]

WPA is not much harder...you'd be surprised how many people think 1234567890 is a safe choice of password. Not much of a dictionary attack when it goes through on the first word!

If anything Google is doing these people a favor to tell them to take their security to the next level before someone else with bad intentions takes advantage of it.

Innocent until proven guilty, conspiracy theorists. Seriously now.

Deliberately or not, Google, being such a large and public company should know better, as they have invested large quantities of cash into it's lawyers. They would obviously know the laws of the country they are in. As most businesses make research/plans before even making the first step "Due Process".

A good example, would be someone coming by and reading bits and pieces of mail from your mailbox on the street, although they were only taking note of the first envelope on top, it is not appropriate, and I for one would not be happy if someone was found rummaging through my mail! Even IF my mailbox didn't have a lock on it.... (no, I do not use a lock on my mailbox.)

You would think the recent dispute in China would have served a good enough warning for them. You either follow our way, or the highway. Whether we agree with China or not is another argument all together, but they have their own culture, and it must be respected. (Which are the exact same freedoms we live for in the USA).

Now, where have I heard this before... John Mcclain

If the cars were capturing wifi packets from unencrypted networks, then some of the packets will contain passwords. The real problem is insecure WLANs and plaintext authentication. This shit is floating in the air for anyone with a wifi card. If we can't get dummies to secure their networks, then sites that care about their users' security should start encrypting their authentications.

You must be pretty naive.

What makes you think that if Google was spying on french (and german and spanish...) WiFi they didn't do the same in the USA (I assume you are from USA).

And while it is unbelievably careless to have your wireless unencrypted, this doesn't give ANYONE the right to access your network or even record the transmitted data.

As for those who claim it was not deliberate - wake up. It was not by accident that they extracted the passwords from transmitted packets, then accidentally stored them, transmitted them to back google, stored them again (for some months), to have them delivered back to the french courts.... and don't get me even started on accidentally storing the content of emails.....