Если вам есть, что сказать сообществу профессионалов ИБ и ИТ – заведите здесь свой блог

Should We Allow Bulk Searching of Cloud Archives?

Аватар пользователя schneier
Автор: Шнайер Брюс,
(0)
()
Об авторе: 
Американский криптограф, доктор в области компьютерных наук и популярный автор книг по ИБ. Основатель криптографической компании Counterpane Internet Security. Ранее работал на Министерство обороны США.

Jonathan Zittrain proposes a very interesting hypothetical:

Suppose a laptop were found at the apartment of one of the perpetrators of last year's Paris attacks. It's searched by the authorities pursuant to a warrant, and they find a file on the laptop that's a set of instructions for carrying out the attacks.

The discovery would surely help in the prosecution of the laptop's owner, tying him to the crime. But a junior prosecutor has a further idea. The private document was likely shared among other conspirators, some of whom are still on the run or unknown entirely. Surely Google has the ability to run a search of all Gmail inboxes, outboxes, and message drafts folders, plus Google Drive cloud storage, to see if any of its 900 million users are currently in possession of that exact document. If Google could be persuaded or ordered to run the search, it could generate a list of only those Google accounts possessing the precise file ­ and all other Google users would remain undisturbed, except for the briefest of computerized "touches" on their accounts to see if the file reposed there.

He then goes through the reasons why Google should run the search, and then reasons why Google shouldn't -- and finally says what he would do.

I think it's important to think through hypotheticals like this before they happen. We're better able to reason about them now, when they are just hypothetical.

 
Комментарии в Facebook
 

Вы сообщаете об ошибке в следующем тексте:
Нажмите кнопку «Сообщить об ошибке», чтобы отправить сообщение. Вы также можете добавить комментарий.