Google Knows the Wi-Fi Passwords of All Android Users

[Anton]

Just been reading this post on gizmodo, http://www.gizmodo.co.uk/2013/09/google-knows-the-wi-fi-passwords-of-all-android-users/ was pretty shocked and suprised but really, i don't think i should be any more... I feel privacy is quickly becoming a thing of the past... it really frustrates me!

[digininja]

And in other news they can read all your email, know your entire calendar and flick through your address book.

Why is this a surprise or news?

[Teledog]

Yes,

GF sent me an email (to my Gmail) from her work Outlook, containing a date/ time for her work meeting.

Lo & behold, it automatically showed up on my TF101 calendar!..F*ck me!

Only a matter of time before they can detect prostate cancer via the Android....

[br0k3nilluzion]

Wonder what would happen to cyogenmod if they really did go all out on an encrypted and all for the user, screw the
NSA and government ROM...

Sweet dream that would be. Think they would have to give up there source code and algorythms ?

[digininja]

The security should never be in the secrecy of the software or the algorithms it should be in the way they work and the keys.

[logicalconfusion]

@digininja

So, technically Bill Gates can read the e-mail of anyone using M$ Exchange according to your analogy, even though it's closed source...

[digininja]

Don't know what close vs open source has to do with it and if you wanted to make that analogy then I'd say Hotmail not Exchange.

[digininja]

sorry, thought you were replying to my first comment, not the last one.

Still don't get your point, the security of encryption should never be based on the algorithm being hidden, it should be based on the algorithm being secure and good keys being used.

[digip]

Service providers by law pretty much have to hand over anything they get asked for anyway, so this is built in to just about everything from the get go. As for secure ability to keep things out of the hands of providers, people would need to write their own apps and encrypt all communication, which some people are doing and working on, but the app or serivce also has to be able to do it while aware of the underlying hardware, and OS software to make sure it can't be pulled from memory in plain text. Want secure communication, encrypt before pasting and sending across gmail, and have keys or such others use to decrypt at their end. Devices like android and iPhones though, going to have to build something custom to get around the underlying architecture to do what you want which in today's world, trust nothing and expect whatever you do, is being read, if not stored and analyzed, ie: NSA or just plain marketing by google(notice the ads in gmail and facebook profiles?). Second you turn on and connect, you're giving up some level of anonymity no matter what it is you use, other than going off the grid in some manner, no HDD, Live Disc boot, no communication or login to sites you know or people you talk to, and constantly changing all your info and connections every time you go online. Groups can setup darknets and personal tunneled playgrounds, but if the device you are using has permission to read every bit on the system, don't think if someone didn't want to get at it they couldn't. Just look at Mubix's last segment on persistence. Every password change, he would get sent a copy, so you'd need to build your own setup from the ground up which is one reason people tend to use linux and trust it a bit more since 99% of the source code is available and open source so anyone can inspect it, change it, secure it, and do as they wish with it.