Google Abuse

Mel Beckman mel at beckman.org
Wed Aug 17 05:42:01 UTC 2022


Well put, bro. 

-mel via cell

> On Aug 16, 2022, at 9:08 PM, Peter Beckman <beckman at angryox.com> wrote:
> 
> To make this more NANOGy, what is OUR role in all of this?
> 
> Two questions that relate here:
> 
>    How does NANOG make inbound network abuse easier to stop and harder or
>    costlier for networks and clouds to ignore?
> 
>    How do NANOG operators attempt to keep private things private?
> 
> 
> For the latter, IMHO most NANOG members likely also run, manage, or interact with
> businesses that hold data.
> 
> Three of the NANOG Principles apply here:
> 
>    Security within our digital platforms
>    Sustainability of Internet technology professions
>    Innovation within the community
> 
> 
> We all should be doing whatever we can within our own organizations to
> improve end user privacy and security. I'm going to make another go at it
> within my own.
> 
> And anything we can do to make it harder for networks and cloud providers
> to ignore abuse reports and stop it is an Innovation that might move the
> burden of network attacks off of the recipients and onto the sources.
> 
> Beckman
> 
>> On Tue, 16 Aug 2022, richey goldberg wrote:
>> 
>> “thought that google fi was a neutral pipe.”
>> 
>> There is nothing neutral about Google or any of companies that are their competitors.    They all have some sort of agenda which is to do what’s best for them or what they *think* is best for everyone else.  Even if it’s not.
>> 
>> “are google, like fb, recording and retaining direct messages and sms/mms contents”
>> 
>> They may tell you they are not but there is no doubt in my mind they are and if they got caught their response would be “Oopsie, my bad”.
>> 
>> -richey
>> 
>> 
>> From: NANOG <nanog-bounces+richey.goldberg=gmail.com at nanog.org> on behalf of Mark Seiden <mis at seiden.com>
>> Date: Tuesday, August 16, 2022 at 3:48 PM
>> To: Jon Lewis <jlewis at lewis.org>
>> Cc: nanog at nanog.org <nanog at nanog.org>
>> Subject: Re: Google Abuse
>> well, that isn’t exactly true.
>> 
>> ALL of the fraudsters, business email compromisers, spoofing accounts are now from gmail and as far as i can tell,
>> there is no evidence that they do ANYTHING about them.    i recently gave a talk on fraudulent restaurant reviews
>> in google maps.  easy for humans to spot.  (hundreds of machine learning engineers at google.  what are they doing?)
>> 
>> but here’s a counterexample… not that it serves anyone particularly well:
>> 
>> a colleague of mine (ex googler, superb engineer, with a brother who is a current googler) had ALL of his google accounts
>> deactivated recently.  a google fi customer, he used it to send an mms photo of a rash on his toddler’s crotch to his wife,
>> so she could upload it (using https) to their pediatrician’s portal for diagnosis.
>> 
>> a few days later the cops were at the door with a search warrant.  the cops agreed it was a false positive, but despite that,
>> the accounts were deactivated (including gmail), seemingly permanently, despite multiple attempts to revive it and attempts
>> at escalation.
>> 
>> i was actually surprised.  i thought that google fi was a neutral pipe.
>> 
>> who knew that google mines mms images for pink parts?
>> 
>> do the other cell phone companies do the same?  (not that i particularly need to test it…)
>> 
>> (is there any transparency here regarding the scanning and retention policy for sms and mms contents?)
>> 
>> which raises, in the post-boggs world, another question:
>> 
>> are google, like fb, recording and retaining direct messages and sms/mms contents, so they can turn them over
>> to law enforcement who have become “interested" in who was pregnant and who stopped being pregnant?
>> 
>> https://www.vice.com/en/article/n7zevd/this-is-the-data-facebook-gave-police-to-prosecute-a-teenager-for-abortion
>> 
>> (once again, there ain’t no sanity clause.)
>> 
>> 
>>>> On Aug 16, 2022, at 10:43 AM, Jon Lewis <jlewis at lewis.org> wrote:
>>> 
>>>> On Tue, 16 Aug 2022, Cristian Cardoso wrote:
>>> 
>>>> Hi
>>>> I'm receiving thousands of requests from a Google Clou VM on my network, I've already sent reports to Abuse from GCP, but without success, does anyone happen to have a Google abuse
>>>> contact to indicate?
>>> 
>>> There is no Google abuse.  It's just traffic you don't want that they don't care about.  Block it at your edge and move on.
>>> 
>>> ----------------------------------------------------------------------
>>> Jon Lewis, MCP :)           |  I route
>>> StackPath, Sr. Neteng       |  therefore you are
>>> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
>> 
> 
> ---------------------------------------------------------------------------
> Peter Beckman                                                  Internet Guy
> beckman at angryox.com                                https://www.angryox.com/
> ---------------------------------------------------------------------------


More information about the NANOG mailing list