OHTTP does require that the parties don't collude, which is why Google has engaged Fastly to run the relay service (which knows end user identifying data) and are themselves running the gateway service (which knows the end user request body).
Part of the contract terms include not delivering log data to Google for this service, among other things that help ensure that this separation of knowledge is upheld.
You forget that Google was worried about other XMPP services stealing user data. If I remember right, some services (maybe it was FB) were not sending out all data to Google in the federation system (I forget if it was names or friends lists or something). So it would allow other services to ingest data Google was sharing, but the sharing wasn't reciprocal.
Google's "off the record" has nothing to do with the OTR protocol. It only instructs the server to stop archiving the conversation, and does not involve end-to-end crypto. Google still has access to the cleartext as it passes through their servers.
I'm sorry, I thought this was "hacker" news. I expected people would know that Google's OTR and OTR XMPP spec are different. My point was that you shouldn't be using 3rd party services to talk to people if the information is legitimately sensitive.
I suppose he refers to information collected with the Signal app alone. The thing is that all information that is sent via Google is encrypted, so it's not of much use. I only wonder how the connection between two clients is set up, and if Google gets to know which Google user talks to which other Google user.
It may be the only way, but I'm still concerned by this.
User @colinbartlett above says Google explicitly states what is sent, however. So am I right that it looks like we are trusting Google with what they say they are sending? I'm ok with that, I think.
> In order to provide an additional layer of privacy for our users, we proxy all STT requests through Mycroft's servers. This prevents Google's service from profiling Mycroft users or connecting voice recordings to their identities. Only the voice recording is sent to Google, no other identifying information is included in the request. Therefore Google's STT service does not know if an individual person is making thousands of requests, or if thousands of people are making a small number of requests each.
Well, unless Google does voiceprint analysis. But Google wouldn't do that, would they? /s
Beyond that, if I'm reading right, local STT will still require a separate STT server. It won't run on the Mark II itself, right?
That doesn't really answer my question though. The problem is that Google is handing over data, not what method is being used to try and access that data.
Knowing who talks to who, at what times, the type and approximate size of messages, the members of groups, and the contents of the phone book of every user gives enough information to keep their business model without exposing them to court orders asking for the plaintext
Similarly Google runs 8.8.8.8 so they know what services you use that aren’t HTTP that they don’t have bugged already.
If other devices in your network send data to Google, the network is uniquely identifiable by Google, no matter what individual devices of guests etc. do.
If I take out a warrant against someone, and they then deliver the data on that person from the servers at Google rather than the user's device, what would you call it?
I would call it 'directly from the servers'. It's likely used to distinguish client vs server side. Not the actual technical mechanism.
So instead of sending the data to Google encrypted for them to analyze, it analyzes the data on your device and sends that data to Google encrypted for them to combine the results.
But your data still gets sent to Google. I don't see the difference. It's just another layer on top.
I don't get this. Clearly the content is served by Google, and so they can do whatever they like with it. How is an end user going to know whether the message was signed before it was passed on or not?
No single passive adversary gets all three. The information moves from the phones to *.whispersystems.org, then in a big fat stream to Google, then from Google to the recipient phones.