They should implement safeguards to safeguard the safeguards, I reckon.
Google Drive ate our homework! Doc block blamed on code blunder
An indeterminate but supposedly small number of Google Docs users on Tuesday found that their essays, reports, school assignments, tracts, and manifestos had run afoul of Google's terms of service and had been made inaccessible. Some users reported being unable to share their documents; others said their documents could not be …
COMMENTS
-
-
Wednesday 1st November 2017 13:46 GMT Anonymous Coward
Safeguards?
"Google offers Docs and Drive under the usual rules, which disallow abusive or illegal content. In most circumstances, it does not scrutinize private content stored on its servers, though it does have automated systems in place for detecting illegal images, at least in Gmail." (My emphasis)
Hmm... difficult to imagine that an 'article on Eastern Europe's post-socialist policies' would contain 'illegal' images, or that 'an assistant professor of history at the University of Nebraska at Omaha,' would similarly be incorporating 'illegal' images in his documents, from which we have to conclude that, in addition to scanning for 'illegal' images, Google routinely and systematically scans all documents stored on Docs and Drive for semantic content, presumably word strings and phrases, and probably at the behest of the TLAs.
All your documents are belong to us - there are no safeguards.
-
Tuesday 31st October 2017 22:16 GMT TReko
Vapourous clouds
As has been said on 'el Reg many times: "the cloud" is just someone else's computer. Docs is a word processor hosted on Google's servers.
If you are getting it for free, you have very limited support options from Google. If you want to use it make sure you have a local backup, using an app like SyncDocs that converts Word to Docs and back again, otherwise one day all your Docs could be gone.
-
Wednesday 1st November 2017 00:39 GMT Anonymous Coward
Re: Vapourous clouds
""the cloud" is just someone else's computer."
While of course technically that is true... Google's architecture is space age. Gmail for instance encrypts and shards the database for your email across hundreds of servers across multiple geographically dispersed data centers. Your computer doesn't do that.
-
Wednesday 1st November 2017 01:27 GMT Steven Raith
Re: Vapourous clouds
It's not about the hardware, or the architecture, it's about the control.
When people say the cloud is someone elses server, it's the someone else part that's the point - it's down to them what lives on that server, and you have basically zero say on that.
Your computer might not have whizzbang replication across multiple continents, but if you set up a script to remove all references to titties and run it on your porn collection, at least that's something you have done, and it's highly unlikely to have effectively done it itself.
Steven "doesn't back anything up because all his data is worthless" R
-
Wednesday 1st November 2017 04:30 GMT Tim Seventh
Re: Vapourous clouds
"""the cloud" is just someone else's computer."
While of course technically that is true... Google's architecture is space age. Gmail for instance encrypts and shards the database for your email across hundreds of servers across multiple geographically dispersed data centers. Your computer doesn't do that."
Data centers are still computers. Also you don't own it, it's not yours. So it's still "just someone else's computer".
-
Wednesday 1st November 2017 09:46 GMT Doctor Syntax
Re: Vapourous clouds
"Gmail for instance encrypts and shards the database for your email across hundreds of servers across multiple geographically dispersed data centers. Your computer doesn't do that."
No, it doesn't. It keeps it out of US jurisdiction. Even out of extravagantly claimed US jurisdiction.
-
Wednesday 1st November 2017 10:38 GMT Zippy's Sausage Factory
Re: Vapourous clouds
No, it doesn't. It keeps it out of US jurisdiction. Even out of extravagantly claimed US jurisdiction.
Are you sure about that? Because I'm not...
-
Wednesday 1st November 2017 11:21 GMT Doctor Syntax
Re: Vapourous clouds
"Are you sure about that? Because I'm not."
We're on the same wavelength. The OP wrote "Yours [i.e. your computer" doesn't do that [i.e. shard data and store it in multiple geographically dispersed data centres]." He was right. My computer doesn't do that. It stores it out of Google's reach. Even my mail service provider is UK-based.
-
-
Wednesday 1st November 2017 11:27 GMT Alan Brown
Re: Vapourous clouds
"It keeps it out of US jurisdiction."
No, it doesn't. $orkplace didn't use them for corporate mail because they explicitly WOULD NOT provide a guarantee that data could be held out of US jurisdiction. It goes everywhere.
By contrast, MS's Outlook system keeps EU mail housed in the EU.
-
Wednesday 1st November 2017 13:18 GMT Ben Tasker
Re: Vapourous clouds
"It keeps it out of US jurisdiction."
No, it doesn't. $orkplace didn't use them for corporate mail because they explicitly WOULD NOT provide a guarantee that data could be held out of US jurisdiction. It goes everywhere.
The poster you're replying to is saying that using his own computer instead of Google keeps it out of US jurisdiction. Which is true (depending on where you're based....)
Whether MS's solution does or not is something we're likely to see in the near future.
-
Friday 17th November 2017 04:03 GMT Anonymous Coward
Re: Vapourous clouds
"No, it doesn't. $orkplace didn't use them for corporate mail because they explicitly WOULD NOT provide a guarantee that data could be held out of US jurisdiction. It goes everywhere.
By contrast, MS's Outlook system keeps EU mail housed in the EU."
That's true. Google is creating a regionalized Gmail service for companies who want to ensure that EU data does not leave the EU, or whatever region you are in. This is really for pedantic IT security teams. Google's model is infinitely more secure than some Exchange server sitting in a single data center... also infinitely more reliable and performant. The beauty of Google's architecture is that your data is everywhere and no where. Do you want your data to be in the EU? Then it is in the EU. Do you not want your data to be in the EU? Then it is not in the EU. You decide when to bring the data shards back together and where.
-
-
-
Wednesday 1st November 2017 11:08 GMT Anonymous Coward
Re: Vapourous clouds
"Gmail for instance encrypts and shards the database for your email across hundreds of servers across multiple geographically dispersed data centers. Your computer doesn't do that."
It doesn't need to - there are these wonderful inventions called memory sticks that you can back up data to and before them we had zip and floppy disks. Using the cloud brings nothing to the table with regards to backups for private users unless you're worried about your house being burgled and everything including that memory stick you hide in a sock in the loft being stolen.
-
-
-
Tuesday 31st October 2017 22:38 GMT jelabarre59
GDoc sync
There's why I have a script that backs-up my Google Drive to my home computer (one-way sync to Linux). I had to hunt down some script that would make local ODT copies of my GoogleDocs, since even on MSWin the sync doesn't copy GDocs as usable files, and I'm not about to let Google oops-delete my fanfic and space opera (I use GDocs so I can work on them with whatever computer/tablet I'm using at the moment).
-
-
-
Friday 3rd November 2017 07:53 GMT Kiwi
Re: GDoc sync
I use NextCloud for this purpose. Syncs my docs between my laptops and PCs and automatically stores a copy of my and my wife's phone photos.
Just lacks the geographically isolated backup, ie backup in another area.
But here's a thought; since Nextcloud can be made to encrypt the files on the server end, set your server up and a mate's place and set their server up at yours (assuming you have the bandwidth of course). That way if your house burns down he has your data etc. (and assuming your data is valuable enough to bother).
You might also want to look at adding openvpn+pihole to that server, to protect the phones while you're out&about if you use other's wifi. Dunno about on Android but took only a few minutes to set both up on my mate's media machine (always on, why not make use of it for something more than just gogglebox guff)
-
-
-
-
Wednesday 1st November 2017 08:19 GMT Anonymous Coward
No worries.
merely a side effect of using "Agile" methodology wrongly. FTFY. You can bitch about it all you like but some companies get real benefits from using Agile, but you have to commit and do it properly. A thorough testing regime is part of doing Agile properly.
Lots of software houses say they're Agile but just use it as an excuse to punt shit software. You'll often find these were the same companies punting shit software using waterfall. It's not the methodology that's the problem.
-
-
Tuesday 31st October 2017 23:47 GMT Oh Homer
Modern day serfdom
This "Cloud" thing is just part of the rapidly growing trend of denying real property rights to the masses, as it gets hoovered up by corporate monopolists, then "rented" back to us.
Terms and conditions apply. The specific terms and conditions are that you have no rights whatsoever. They get everything and, in the end, you are left with nothing.
-
Wednesday 1st November 2017 00:54 GMT Anonymous Coward
Re: Modern day serfdom
Meh, most of this stuff is free and just works. I would rather have that than "real" property rights by paying for Office on a PC... until the next version of Office comes out and everything is incompatible. That is in practice just renting stuff too and the rent is high.
-
Wednesday 1st November 2017 08:40 GMT Anonymous Coward
Re: Modern day serfdom
I would rather have that than "real" property rights by paying for Office on a PC... until the next version of Office comes out and everything is incompatible. That is in practice just renting stuff too and the rent is high.
LibreOffice. Local install, low update frequency (because they update because it's needed, not because they want to flog you a new version), stable UI. No need to sign away your firstborn and privacy and still think it's free. As far as I can tell, Google is a actually con job for stealing IP across the globe.
-
Wednesday 1st November 2017 09:52 GMT Doctor Syntax
Re: Modern day serfdom
I would rather have that than "real" property rights by paying for Office on a PC... until the next version of Office comes out and everything is incompatible.
You do realise, don't you, that there are similarly free good, working alternatives that you can run on your own computer? Or maybe you don't.
-
Wednesday 1st November 2017 13:00 GMT WolfFan
Re: Modern day serfdom
Meh, most of this stuff is free and just works. I would rather have that than "real" property rights by paying for Office on a PC... until the next version of Office comes out and everything is incompatible. That is in practice just renting stuff too and the rent is high.
Interesting. I have a number of different computers at home. I have iWork (free) on all the Macs and (free, or a max of $10, due to perfectly legal shenanigans involving MS's Home Use Program. Look it up...) Office 2010, 2013, and 2016 on the Windows boxes. One of the Macs also has Office 2011, another has Office 2016, also courtesy of the HUP. I also have LibreOffice installed on all computers. Depending on exactly what I need to do I pick a Mac or a Windows box, and then play with iWork (usually with Pages or Keynote, Numbers stinks) or Office (usually Word or Excel, Access stinks worse than Numbers), rarely LibreOffice. The most that I've paid for Office in over a decade is $10. OneDrive is turned off; Microsoft yelps at me on startup. I ignore them. iCloud is turned off; Apple yelps at me on startup. I ignore them. My documents live on my machines. At the office we have Office 2010 and 2013 on the Windows machines and Office 2011 on the Macs. Office 2016, 2013, 2011, and 2010 all can and do read documents created as far back as Office 97, and can and do create documents which can be used by versions of Office as far back as Office 97. I would say that 20 years of backwards compatibility would be sufficient for most needs, but that's me. I'd also say that $10 every now and again for 20 years is hardly exorbitant, but again that's me. And if MS ever kills the HUP, which it might as more and more people take advantage of it instead of paying full freight or going with Office 365, LibreOffice is always there, and is totally, 100%, free. And stores your documents on your own machines, unless you deliberately put them elsewhere.
The probability of my using Google Docs is quite low. I have been known to place documents in DropBox... and then, once they have been copied elsewhere, removing them. Nothing around here is saved on other people's cloudy stuff.
-
Wednesday 1st November 2017 14:23 GMT Muscleguy
Re: Modern day serfdom
I cannot access iCloud. This is a hand me down machine and it wants the long string code used to set it up before it will let me log on. This is by far the most modern Mac in the house and nothing else is new enough to be used as the other verifying device.
There is NO way around this which does not involve a new(er) piece of Apple kit. I lose no sleep over it.
-
-
Wednesday 1st November 2017 08:47 GMT Korev
Re: Modern day serfdom
This "Cloud" thing is just part of the rapidly growing trend of denying real property rights to the masses, as it gets hoovered up by corporate monopolists, then "rented" back to us.
Adobe have just done this to Lightroom and are getting absolutely slated for it. They even said in the past that it'd offer it "indefinitely" before changing their minds.
-
Wednesday 1st November 2017 12:59 GMT phuzz
Re: Modern day serfdom
"rapidly growing trend of denying real property rights to the masses"
Lets face it, over the span of human history, the vast majority of people have effectively been owned by their local lord, so really this is just going back to the status quo.
Democracy and freedom are just a wee blip on the historical record, and some days it looks like a blip which is going to be forgotten about shortly.
My, I'm cheery today :)
-
-
This post has been deleted by its author
-
Wednesday 1st November 2017 00:34 GMT Anonymous Coward
Misreading the problem
The problem here is not cloud. This appears to have be a very limited user count bug (I noticed no disruption to Drive this week). The problem here is security run amok... and it happens on prem or in the cloud. Companies are making their content so secure that not even the users can access it (perfect security is the eyes of infosec teams). Every year they layer on another set of burdensome security features.... I wonder what the total productivity loss is for something as trivial as users getting locked out of accounts because they can't remember their 68 character/number long password is... or just having to use some 90s VPN to access corporate content. The cure is worse than the disease.
-
Wednesday 1st November 2017 07:57 GMT Anonymous Coward
Re: Misreading the problem
Not really sure why people are downvoting you. Perhaps it's because you are vaguely implying that you should get rid of security.
Sensible security is what's important and very few places implement it. Changing my password every 90 days will not make my data more secure. It will make it less secure because I will choose easier to remember passwords or be forced to write them down.
A lengthy, difficult to guess passphrase makes more sense. And rather than forcing me to keep changing it, tell me when someone has entered it incorrectly, including where this attempt originated. If they keep doing it, block them.
Oh and have two-factor on everything.
-
-
Friday 17th November 2017 04:22 GMT Anonymous Coward
Re: Misreading the problem
"no more difficult for a company to control another company's policies than it is to control its own."
Yes, that was my implication. It is not like HIPAA, for instance, is way different at one hospital than the next hospital. These security regulations and mandates are uniform by their nature. They are trying to get people to do IT security exactly the same way, generally a way that is highly secure, as opposed to all kinds of companies doing whatever they want. A centralized company, like a major cloud provider, is way better resourced to do that than some mid sized company that is not in the tech industry.... Everyone gets that when they buy security software from some third party company as opposed to writing their own security software.
-
-
Friday 17th November 2017 04:17 GMT Anonymous Coward
Re: Misreading the problem
Agree. Obviously there should be security, but if that security imposes a burden on the end user... build a better security architecture. IT security also doesn't recognize that there is a trade off. You can make something ultra secure through their burdensome methods and productivity goes down. Now having no security would result in higher productivity but that is right either. There should be a balance between the value of the info you are guarding and productivity. If it really is critical data, then it is fine to make it a pain to access. If it is just some random user working with non critical data, then lighten up.... There is no incentive in place for IT security to do that though. If it takes two years to roll out a new service because of all their regulations and a market opportunity is missed as a result, it doesn't come back to them.
-
-
Wednesday 1st November 2017 09:55 GMT Doctor Syntax
Re: Misreading the problem
"Companies are making their content so secure that not even the users can access it "
That, when it happens, is in the control of the company concerned. It's not only the responsibility but also within the power of the company to manage it. When it's another company doing it it's not so easily resolvable.
-
-
Wednesday 1st November 2017 07:08 GMT Anonymous Coward
It wasn't just the flagging, it's Google scans your documents
This wasn't just a remote access issue, it's worse, Google scans your documents. Whatever you put in the cloud will be scanned for legal reasons, and especially for profit. Why they should give you free space and apps, otherwise? Keep your data local, on an OS which doesn't scan everything also. You can't really trust Google and Microsoft.
-
Wednesday 1st November 2017 07:41 GMT Anonymous Coward
Re: It wasn't just the flagging, it's Google scans your documents
I trust Google !ore than Apple, Microsoft or Facebook.
Google terms are very straightforward, clear on a concise,. Apple are very vague about how the monitise your data. They openly admit they do, but you have to drill down into slot of data to see what and how they do it.
For these cretins, they were only being blocked FROM VIEWING AND SHARING these docs, they could download them from drive site, they could also have installed the drive sync client too.
Snowflake drama queens basically....
-
Wednesday 1st November 2017 08:21 GMT Anonymous Coward
Re: It wasn't just the flagging, it's Google scans your documents
"Google terms are very straightforward, clear on a concise,"
I'll just leave this here.
http://www.independent.co.uk/news/business/news/facebook-germany-cartel-office-personal-data-user-accounts-extorts-antitrust-eu-social-media-network-a7820331.html
Also did I agree to any of Google's T&C's when I visited this page?
-
Wednesday 1st November 2017 08:46 GMT Anonymous Coward
Re: It wasn't just the flagging, it's Google scans your documents
I trust Google !ore than Apple, Microsoft or Facebook.
Poor you. There's only one in that list who doesn't monetise content, and that's the one you are whinging about.
Google terms are very straightforward, clear on a concise
Except when you visit a site and Google Analytics logs you despite Do Not Track enabled (because, for some reason us mortals are not privy to, Google cannot code exceptions to that and want you to install a plugin for privacy. Yeah, right. Nice try). Except when you fill in a webform and click the Google "I am not a robot" CAPTCHA and thus agreed to share the details of your website visit despite this being in TOTAL violation of EU data protection laws (click the super tiny 4 point font links on the button to find out). We're talking about the same company here, no?
-
Wednesday 1st November 2017 11:27 GMT Doctor Syntax
Re: It wasn't just the flagging, it's Google scans your documents
"For these cretins, they were only being blocked FROM VIEWING AND SHARING these docs"
AIUI one of the purposes of Google docs is to allow online editing by multiple users which requires viewing and sharing rather than downloading.
-
Friday 3rd November 2017 08:59 GMT Kiwi
Re: It wasn't just the flagging, it's Google scans your documents
Google terms are very straightforward, clear on a concise,
Yes, "we have a perpetual right to use, copy, make derivatives of and sell your IP. You no longer have control over it once we get it. Even if you yourself don't provide it to us."
(paraphrased)
-
-
-
Wednesday 1st November 2017 08:36 GMT Anonymous Coward
What is Google doing reading people's documents?
Sorry, I don't care what the excuse is, it's none of their business. Imagine someone writing a novel - as soon as you get to the scenes about criminals the document gets yanked.
Even if they yank it, the correct process would be a warning to remove the document and a time limit to do it in - this is other people's intellectual property.
Well, at least now you know who has been given the Stazi job in Trump land.
-
Wednesday 1st November 2017 10:11 GMT Anonymous Coward
Re: What is Google doing reading people's documents?
"Well, at least now you know who has been given the Stazi job in Trump land."
Don't connect the stasi bit to Trump, that is all too easy.
Google was there long before Trump got into the oval room.
Google will be there long after Trump is gone, same goes for FartBook and Microsoft.
-
Wednesday 1st November 2017 11:14 GMT Nick Ryan
Re: What is Google doing reading people's documents?
Much as I like to bash big faceless corporates as much as the next commentard... reading the article helps. The contents of google docs is report monitored, as in individuals have to report inappropriate content and google act on these reports, it is not actively scanned and monitored. However where google stuffed up is that they applied this process to random documents and not the intended documents.
-
-
Wednesday 1st November 2017 11:17 GMT Cuddles
Swept away
"The incident prompted reiterations of longstanding concerns about the downside of cloud-based services, namely that files stored remotely can be swept away at any time for any reason."
While this is true, the trouble with criticising cloud services for this is that it's also true for everything else. The only difference with cloudy things is whose fault it is when something bad happens. But importantly, the majority of people aren't particularly competent and are much more likely to cause said bad things to happen in the first place - how many people are constantly accidentally deleting files, losing discs/CDs/USB sticks, pouring coffee in their laptop, having fires, flooding, and so on? Millions. But you never hear about them because each one is a tiny, uninteresting event that affects only the person who did it. When Google screws up it makes the news because it can affect millions of people in one go, but overall it almost certainly cause less trouble than if those millions had been left to their own devices and allowed to screw up individually.
As others have noted, the real problem in this particular case appears to be that Google are reading your private files and blocking your own access to them. Nothing was actually lost, just a temporary inconvenience in accessing them, so the actual damage was essentially zero compared to what those millions of average users would have done themselves when accidentally feeding their CDs to the dog. But the dog wouldn't have been reading those files and potentially exposing them to everyone on the internet when the inevitable hack occurs. For average people who can't do security and backup themselves, it's essentially a choice between keeping things private but not safe, or safe but not private.
-
Wednesday 1st November 2017 11:49 GMT Doctor Syntax
Re: Swept away
"But you never hear about them because each one is a tiny, uninteresting event that affects only the person who did it."
It depends. If you lose your own data the part I've highlighted is true.
If, on the other hand, you're a DBA or sysadmin for your own company it can affect multiple users. If you're any good in that role it makes you a bit paranoid because they're colleagues and the potential effects on the overall ability of the company to function affects its ability to keep paying you. That's without the separate risk of being fired. But you'll never hear about those cases because unless they're serious enough to have visible knock-on consequences to the company's performance they'll not be publicised.
Only if the data is that of other companies where, as here, the data is that of clients will the situation be immediately and conspicuously public.
It's as well to remember that the number of staff won't scale as fast as the size of the system. The in-house staff for a small business might still be one, just as with the individual data holder. With a larger business it will still only be a comparative handful. At Google scale the staff to user ratio will be minute. Providing the situation can be retrieved in bulk it's not a problem but if it had to be handled on a case-by-case basis sorting out a "small percentage" at Google scale could become nigh on impossible.
-
-
Wednesday 1st November 2017 23:29 GMT Anonymous Coward
Letting strangers control your private files
The unfortunate thing about cloud services is that it gives the governments of the world the ability to scrutinize your content. (Check out the current court case in the US, where on appeal, the court decided that a US warrant service on the US company for data it held overseas about a foreigner was fair game! i.e. the US government can get at anything a US company can access)
Additionally, your content potentially only a simple change in Terms Of Service away from being deleted. (Hint: Keep backups yourself or with multiple providers)