Google security team drops F-bombs on NSA for internal Google cloud data surveillance

Imagine working in security for Google and spending years of your life trying to keep users safe and secure, only to discover the NSA has been tapping into Google data centers, tapping into Google’s internal network and hoovering hundreds of millions of user records every day. How might you feel? Two Google Security team members were so furious and frustrated that they dropped F-bombs on the NSA. Please note that neither of the gentlemen were speaking on behalf of Google when they said f**k the NSA!

Dropping F-bombs

On Google+, Google network security engineer Brandon Downey and his security team co-worker Mike Hearn – who also works on the Bitcoin virtual currency system – were reacting to a leaked NSA presentation on “Google Cloud Exploitation;” it showed how the NSA secretly breaks “into the main communications links that connect Yahoo and Google data centers around the world.” The Washington Post, reporting on documents obtained from Edward Snowden, explained that by tapping those links, the NSA can “collect at will from hundreds of millions of user accounts, many of them belonging to Americans.” The NSA and the British GCHQ’s “principal tool to exploit the data links is a project called MUSCULAR.”

According to a top-secret accounting dated Jan. 9, 2013, the NSA’s acquisitions directorate sends millions of records every day from internal Yahoo and Google networks to data warehouses at the agency’s headquarters at Fort Meade, Md. In the preceding 30 days, the report said, field collectors had processed and sent back 181,280,466 new records — including “metadata,” which would indicate who sent or received e-mails and when, as well as content such as text, audio and video.

Brandon Downey explained that’s he spent the last decade trying to keep users secure; “I've seen armies of machines DOS-ing Google. I've seen worms DOS'ing Google to find vulnerabilities in other people's software. I've seen criminal gangs figure out malware. I've seen spyware masquerading as toolbars so thick it breaks computers because it interferes with the other spyware. I've even seen oppressive governments use state sponsored hacking to target dissidents.”

After learning that the NSA has no scruples about spying on Americans, or tapping into Google’s internal networks, Downey said, “F**k these guys.” He added, “Even though we suspected this was happening, it still makes me terribly sad. It makes me sad because I believe in America.” Downey added:

But after spending all that time helping in my tiny way to protect Google -- one of the greatest things to arise from the internet -- seeing this, well, it's just a little like coming home from War with Sauron, destroying the One Ring, only to discover the NSA is on the front porch of the Shire chopping down the Party Tree and outsourcing all the hobbit farmers with half-orcs and whips.  

NSA Serendipity slide, NSA spying on Google's internal networks

Then, the Washington Post showed new evidence and leaked slides showing how the NSA had access to internal Google cloud data, including “Serendipity New Protocols” slides specifically pertaining to Google. An “expert” told the Post, “This is not traffic you would encounter outside of Google's internal network.” In fact, “the slide shows data in a format that is ‘only used on and between Google machines. And, also as far as I know, Google doesn't publish their binary RPC [remote procedure call] protocol, which is what this resembles’."

NSA leaked Serendipity slide showing how it spies on Google
F-bombs on the NSA

Google security team member Mike Hearn also exploded with profanity, joining his colleague “in issuing a giant F**k You to the people who made these slides.”

Hearn explained, “The packet capture shown in these new NSA slides shows internal database replication traffic for the anti-hacking system I worked on for over two years. Specifically, it shows a database recording a user login as part of this system.”

We designed this system to keep criminals out. There's no ambiguity here. The warrant system with skeptical judges, paths for appeal, and rules of evidence was built from centuries of hard won experience. When it works, it represents as good a balance as we've got between the need to restrain the state and the need to keep crime in check. Bypassing that system is illegal for a good reason.

Unfortunately we live in a world where all too often, laws are for the little people. Nobody at GCHQ or the NSA will ever stand before a judge and answer for this industrial-scale subversion of the judicial process. In the absence of working law enforcement, we therefore do what internet engineers have always done - build more secure software. The traffic shown in the slides below is now all encrypted and the work the NSA/GCHQ staff did on understanding it, ruined. 


Even Eric Schmidt, former CEO of Google, said if it’s true that the NSA is spying on Google data centers then it’s “outrageous” and “perhaps illegal.” Schmidt told the Wall Street Journal, “The steps that the organization was willing to do without good judgment to pursue its mission and potentially violate people's privacy, it's not OK.” Then he added, “There clearly are cases where evil people exist, but you don't have to violate the privacy of every single citizen of America to find them.”

I'm not saying Google is perfect, but at this point, I’m sick to death of NSA’s word games and insulting head games; I’m not interested in quoting NSA officials other than to note it’s all about denials, or claiming to use legal channels.

Copyright © 2013 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon