Sunday, April 27, 2008

tech wars pt.1: google

I wonder how long it'll be before Google loses its shine. Already, executives are trying to distance themselves from its "don't be evil" motto, while some people are suggesting the pace of innovation at google is slowing - most notoriously google's online storage service, which has apparently been in development for years now, or google maps' loss of the technical lead to MS live maps (though the search function on the latter is awful). (Edit: and it looks like I picked the wrong time to start up with blogger.) Rumour has it that google's not attracting so many of the top smart people any more. Though I'd still be happy to work there.

What really concerns me though, as a good financial services sector worker, is data security. Despite losing the lead in some areas, google is still at the forefront of hosting/storing/aggregating people's data. Gmail, for example, famously has such a large storage capacity you don't need to delete anything. So most people (I imagine) don't. Which means there's a huge archive of stuff about them saved somewhere in the world (probably backed up in two locations). Wherever it is, it's not on their computer. Add to this the fact that someone's google log-in works for multiple products so you hack one you have access to all the others. That, of course, is the weakness of centralisation.
We see serious security breaches all the time, so how long before google suffers a big bust in and someone steals a load of data, or a load of accounts? Or it just loses it somewhere. Google's CAPTCHA technology (those things that ask you to type some letters from an image to prove you're not a bot) has been cracked, so they're not invulnerable tech gods.

I'm not trying to write an OMG DISASTER IS CUMIN! post here, just throwing this out for consideration.

Two things probably work in google's favour though. The first is that while they're not perfect, they are comparatively good. I'm not aware of any major breaches at Microsoft, and they run windows. If you're looking to do some crime, you go for the easy targets, not the hard ones. And there are plenty of easier targets around. Second, the volume and type of data stored by google makes it less appealing for criminals. If someone, say pulled a dump of a load of gmail accounts and posted it'd be a privacy disaster. Worse than that 20GB file of myspace pictures on bittorrent. However, myspace is filled with idiots. I mean, uh, there's limited monetary value in doing that. You could do a search in it all for bank account details, account names and passwords and stuff like that. It'd be a very inefficient way of doing things though, when you could just hack into TJ/K Max and grab a load of credit card numbers directly.

Incidentally, internet security gets more exciting the more you watch Ghost in the Shell. Particularly stuff like this, this, or those Chinese cyber attacks on US and UK government computers. Or the attacks on Latvia (or one of the other little baltic states) by Russia that turned out to be just one unhappy Latvian guy. Now all we need are the cyberbrains.

No comments: