zlacker

I have never understood why Google has remained the esteemed vendor for a subset of technical users.

They lost me more than a decade ago when they hoovered clear text passwords from their wifi scanning and blamed it on a single engineer.

>>doctor+(OP)
Are you referring to Google Maps automobiles connecting to open WiFi networks? Because to be fair, those networks were wide open, and they were being advertised.

I don't see how advertising an open WiFi network is much different from advertising an open house. In both cases you should expect visitors.

>>dumpst+Rb
Ah yes, the “they were asking for it” defense.

>>dumpst+Rb
An open wifi network is akin to having the shades open or your door unlocked.

You can take advantage of it, but almost everyone is going to feel like it's not right unless they have consent.

An open house would be akin to have an open wifi network labeled "PleaseUseMe".

>>Negati+re
I disagree. An open WiFi network that is not being advertised would be similar to leaving a door unlocked or the shades open. When that network is actively advertised it ceases to be an open blind, and moves into open house territory.

>>dumpst+tf
So if my front door is open, or my garage door is open, you feel you have the right to enter my home without permission?

>>slimsa+vh
If you are advertising that your door is unlocked, and the precedent is to enter unlocked doors - as it is to connect to open networks, then yes. Permission in such a scenario is implied.

You make these analogies attempting to equate an advertised open WiFi network to an unlocked home, while ignoring the precedent around both of those things.

It is expected that people connect to your advertised open WiFi network. It is not expected that people wiggle your doorknob to check if it's unlocked or not. If you put a sign on the door advertising, "the door is unlocked!" then I wouldn't be surprised when someone mistakes that for "come in".

>>dumpst+Rb
That Wi-Fi router shouldn’t have dressed like that if it didn’t want to get Googled.

>>dumpst+7l
I think that depends a bit on context. If I am at home, and my neighbors are advertising an open Wi-Fi network, I’ve never taken that as an invitation to connect and use it. However, if I’m at coffee shop Foo and I see “Foo Guest” advertised, then sure…

>>dumpst+Rb
What nonsense. Open wifi was basically the norm for public hotspots at the time, POP was not encrypted, nor was most HTTP traffic.

We didn’t stand a chance.

>>dumpst+tf
The splitting of hairs between “open” and “advertised” is ridiculous. It’s the users who had their passwords stolen, not the hotspot.

A better analogy is:

I leave my door open with a welcome sign out the front.

Two people enter.

One of them picks the pocket of the other.

And then the thief blames the guy who told him about the open door in the first place.

>>patch_+bX
Does that also give you the right to sniff their network and steal their email passwords?

>>doctor+(OP)
Well, perhaps because Chromium is the most well-hardened browser engine on the planet, for better or worse.

I might user Firefox personally, but I'll have my company use Chrome.

Other Google products (Maps, Docs, Gmail) are excellently engineered and usually ahead of their competitors in terms of reliability and feature set.

It's not hard to understand why people use Google products despite the occasional moral qualm.

>>dumpst+7l
I've never felt that it's appropriate to connect to residential open wifi. If I see one near where I live, I assume it's a misconfiguration.

>>doctor+s01
No it doesn't. Imo, that would be both poor etiquette, and a violation of trust.

While I do remember hearing about Google Maps vehicles connecting to open WiFi networks in the news, I don't recall hearing about private credentials being published. Was that the case? I thought it was just a map of open WiFi networks that was published with basic details such as SSID?

Edit: I found the article (2010, holy cow does time fly). It looks like they did collect payload data for non-encrypted traffic. Even though the data wasn't published in any way, I must agree that they went too far. I would have no issue if they were to simply verify that they could connect and record basic info such as SSID, but collecting payload data from network requests was inappropriate.

>>doctor+a01
To be clear, my stance on the matter is that it is 100% okay for anyone to connect to any open WiFi network.

I don't find it particularly troublesome that maps of open WiFi networks exist.

I do not, however, think that it's okay to behave maliciously, or inappropriately on open WiFi networks.

My earlier response to your comment about hoovering plain text passwords didn't properly acknowledge the bad behavior that took place. I concede that you are correct, it was rude and insidious behavior.

>>native+uF
Pause button: it's not super cool to make light of atrocities by not-so-subtly equating them with connecting to open WiFi networks.

>>dumpst+YB4
No worries, thanks for being a good sport. I think we agree all around.

It was never the connecting that bothered me, it was the storage of the data encountered.