Fwiw I think you're being mildly too revisionist in the other direction. The major issue with the hacking wasn't stealing source code, but attempts to access user data. Certainly accessing source code is bad, but imo in general Google protects user data much moreso than source code.
How is storing and cataloging reams of private data 'protecting' it? If your significant other was constantly noting every friend you talked to, every purchase you made, videotaping your every move, would you call that protecting them?
To protect a user's data, it shouldn't even be collected in the first place. I think a better choice of words is that Google does a better job at monopolizing user data.
Sure, but the corollary to that is that security is complicated. Do you really expect the average user to have a more secure system than what they would otherwise have. In other words, is a Gmail account more or less secure than what you would have otherwise.
I think the answer depends, but it certainly isn't always "less". There's some information that you have to store somewhere, and is having a world class security team who works to actively mitigate things like phishing better than storing it yourself?
I'm just saying not saving data is simpler than saving data and avoids the complication. The average user doesn't need 99% of the data that google saves about them and would have no reason to store it themselves. You can have phishing protection and the world class security team while also not saving the unnecessary data resulting in an even more secure model. Protonmail seems to be just as secure without requiring data collection, for example.
Right. If google were just black hats trying to help everyone with their data security, then OK. But, since they aren't, the mere fact that they have the personal data stored to begin with undermines it's security from the moment of storing it.
I had my car stolen last year. If I had found a note left that informed me it is in a secure place, I'm not sure I would have felt any better. And I'm not sure I would appreciate someone expecting me to.
I think the parent meant that they are very vigilant about not giving access to this data to anybody who is not affiliated with Google. Which makes a lot of sense for both business and privacy reasons - you don't want to let others access your valuable assets, and the backlash for leaking out the data usually is much larger than for just having it. Nobody cared about Equifax knowing everything about everyone until it was hacked.
Google protects the user data from access by others. The data is valuable only if Google alone has access to this data and can sell it as a monopoly premium product.
If everyone had access to the user data the value would be 0.
Of course, Google doesn't give a shit about protecting the privacy of their users, they hoover up all they can and then bunker it.
Haven't you seen wildlife documentaries where, say, lion A protects a zebra carcass (killed or stolen from other predators) from lion B, in order to eat enough of it?
Whatever the case, as someone inside Google, I’d urge you to resist this effort like many of your colleagues did with Project Maven.
Helping the Chinese government consolidate power by censoring information and silencing dissidents (among whatever else they’ll end up doing within the context of this partnership), is a dark road to go down. It will also undoubtedly set a dangerous precedent that will be demanded by like-minded regimes outside China.
(I work at Google)