By now, most experts will admit that Google is one giant data and intelligence gathering operation. This latest browser revelation (see full story below) only confirms what we already suspected.
As a private tech start-up, Google was partly seed-funded by both the NSA and CIA, and has since been completely co-opted by US intelligence to retain what technocrats and spy chiefs in Washington DC refer to as ‘information superiority.’
Salon reported on just one of the Google-NSA covert joint ventures, “Turbine and Turmoil”:
It’s not clear what the NSA and Google built after the China hack. But a spokeswoman at the agency gave hints at the time the agreement was written. “As a general matter, as part of its information-assurance mission, NSA works with a broad range of commercial partners and research associates to ensure the availability of secure tailored solutions for Department of Defense and national security systems customers,” she said.
According to officials who were privy to the details of Google’s arrangements with the NSA, the company agreed to provide information about traffic on its networks in exchange for intelligence from the NSA about what it knew of foreign hackers. It was a quid pro quo, information for information.
“For Turbine and Turmoil to work, the NSA needs information, particularly about the data flowing over a network. With its millions of customers around the world, Google is effectively a directory of people using the Internet. It has their e-mail addresses. It knows where they’re physically located when they log in. It knows what they search for on the web. The government could command the company to turn over that information, and it does as part of the NSA’s Prism program, which Google had been participating in for a year by the time it signed the cooperative agreement with the NSA. But that tool is used for investigating people whom the government suspects of terrorism or espionage.”
Not OK, Google! Covert installations of ‘eavesdropping tool’ raise alarm
Open source developers and privacy campaigners are raising concerns over the automatic installation of a shady “eavesdropping tool” designed to enable ‘OK Google’ functionality but potentially capable of snooping on any conversation near the computer.
When one installs an open source Chromium browser, as it turns out, it “downloads something” followed by a status report that says “Microphone: Yes” and “Audio Capture Allowed: Yes,” according to an article by Rick Falkvinge, Swedish Pirate Party founder, published on the website Privacy Online News.
While the Chromium, the open source basis for Google’s browser, at least shows the code and allows user to notice it and turn it off, the same installation is included by default in the most popular browser Chrome, used by over 300 million people.
The code was designed to enable the new “OK, Google” hot word detection, which lets the computer do things like search or create reminders in response to human voice. Yet, some users are worried that the service could be activated without their permission, eventually sending recorded data to Google.
The worried users describe the Chrome Hotword Shared Module as an audio-snooping “black box”, with only the corporation that provided it fully aware of what the injected pre-compiled code is capable of.
“Without consent, Google’s code had downloaded a black box of code that – according to itself – had turned on the microphone and was actively listening to your room,” wrote Falkvinge.
“Which means that your computer had been stealth configured to send what was being said in your room to somebody else, to a private company in another country, without your consent or knowledge, an audio transmission triggered by … an unknown and unverifiable set of conditions.”
“We don’t know and can’t know what this black box does,” he added.
The users’ complaints were received with the Google developers’ words that: “While we do download the hot word module on startup, we do not activate it unless you opt in to hot wording.” They also underlined the fact that “Chromium is not a Google product. We do not directly distribute it, or make any guarantees with respect to compliance with various open source policies”.
However, according to Falkvinge, the default install will still “wiretap your room without your consent, unless you opt out, and more importantly, know that you need to opt out, which is nowhere a reasonable requirement.”
While the fact that the voice recognition module is always listening does not mean it transmits all the data to Google’s servers, Falkvinge argues that no one knows what other keywords could trigger the feature on.
The only reliable measure against mass surveillance, according to the first Pirate Party leader, is a manual disabling of the microphone and camera on the computer with a hardware switch.
The latest voice search functions have raised the concerns of privacy advocates, as their use presupposes the sending of voice recordings to company servers, as well as the controversy over the continuous recognition to catch the moment a user says the ‘hot’ phrase.