Home Open Sauce Google unveils its latest bit of security theatre

Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Google unveils its latest bit of security theatre

From time to time, Google makes an attempt to try and convince the world at large that it takes security seriously. Its latest stunt is to announce that from July 2018 onwards it will be marking all pages that are not using secure protocols as insecure when viewed in its Chrome browser.

If only the company showed a fraction of the efforts it puts into PR into making its ubiquitous properties actually secure!

Google is extremely good at what security expert Bruce Schneier calls security theatre. Schneier coined the term to describe the over-abundant security measures that the US adopted after the 9/11 attacks – all of which do little to actually enhance people's security.

The search engine giant is very good at security theatre.

Given its profile and wide usage — Chrome, for reasons best known to its users, enjoys something like a 56% share of the browser market — any action that the company takes necessarily appears prominent. The announcement, by the way, is titled "A secure Web is here to stay", indeed a laughable headline if ever there was one.

But what is the point when SSL encrypted threats are rising by the day? That little lock on a browser bar before the URL means little these days.

Recently, the removal of about 700,000 malicious apps from the Google Play store was touted by the search behemoth as some kind of indication that it is concerned about security.

When this was announced, there were some stupid lines spoken by the Google Play product manager, Andrew Ahn, that “you have a lower probability of being infected by malware from Play than being hit by lightning".

theatre large

There was no statement about how so many malicious apps came to be in the Play store in the first place. Android, remember, is almost 10 years old. By now if there is no proper security structure, then when it will ever be put in place?

Back in 2011, Google's Chris Di Bona posted a rant on Google+, using the argument about open source being more secure to try and argue that Android was in the same bucket.

Of course, Di Bona did not tell people that Android is only open source as far as the kernel goes – which is a modified Linux kernel that is under the GNU General Public Licence. That licence ensures that if anyone changes the source and then distributes it along with the changes, then that changed source in its entirety has to be made available to anyone who wants it.

The rest of Android is under various licences that allow Google to lock up the code and never provide it to anyone.

Every company that uses Android has to license the Google apps that are part of its ecosystem. They have no choice, else they can build their own.

Open source may be secure, but that has nothing to do with Google. Yet who questions it?

Android security is so bad that security professionals are now starting to compare it with Windows, the operating system produced by a company that has often been called the Typhoid Mary of the Internet.

From time to time, Google finds some security flaw or the other in another company's products and makes a big song and dance about it. This does wonders for Google as it embarrasses its rivals and deflects people's attention from all the snooping that Google does through its various Web properties.

Today, as iTWire  reported, India has become the latest to fine Google for anti-competitive practices. One doubts it will be the last country to do so.

But given the manner in which Google is treated by the US mainstream and other media, who put on kid gloves whenever they discuss the company and its affairs, it is unlikely that there will be any change.

Only when it is exposed for the charade that it puts on and put to shame will there be change. Let's hope the rest of the world joins the EU in making the company pay for its anti-people practices.


Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service


Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.