Google Hacking Attacks


According to RFC 7258 of the Internet Engineering Task Force (IETF):

"Pervasive monitoring is an attack."

While this is meant to be applied to the Design Level of Internet hardware and software, it is ironical that it is not applied by Google at the Macro level of Application Development of its Chrome browser. (The situation is analogous to a robber carefully counting the money stolen during a robbery and declaring himself or herself an honest thief.) But the motivation is clear enough. Google is in the business of collecting and selling user data, and Google Chrome and Gmail are the breaking and entry tools by which they do it.

While selling user data is a dubious practice, outright hacking is a crime. S. LOUIS MARTIN is suing GOOGLE, INC. in Superior Court in San Francisco (CGD-14-539972, S. LOUIS MARTIN V GOOGLE, INC.). Thus hacking the computer of S. LOUIS MARTIN is doubly dubious. Nevertheless, this appears to be what has transpired during the period of 2 November 2014 through 3 February 2015.

Note that monitoring/hacking appears to drop off dramatically after the issue was raised in a 3 February 2015 court hearing.

netstat reports have been maintained by S. LOUIS MARTIN from 2 November 2014 through 20 March 2015. A zip of the reports can be obtained here:

www.coastnews.com/google/netstat/netstat.zip

They indicated a high level of TCP connectivity while running the Chrome browser, with especially high levels in these reports:

netstat-2014-11-18-n1 — 71 connections
netstat-2014-11-28-n1 — 88 connections
netstat-2014-12-03-n1 — 89 connections
netstat-2014-12-12-n1 — 60 connections
netstat-2015-01-10-n2 — 56 connections

netstat-2014-12-12-n1 is the most disturbing, showing 52 TCP connections to Martin's computer from Google servers, not just to websites or ads. This is a large number of connections that would normally require explanation. However, according to RFC 7258, no explanation is required. It is well known that these types of connections are used for monitoring the client (user Martin's computer in this case), and according to the ethos embodied in RFC 7258, they represent an attack on Plaintiff Martin's computer.

Note that HTTP 1.1 was the rule of the road on the Internet for TCP transmission during most of the time period referenced via the  netstat reports. HTTP2 has just been adopted by IETF, but according to Wikipedia,

As of the January 2015 last call, the HTTP/2 protocol is being criticized for not supporting opportunistic encryption, a feature like STARTTLS that has long been available in other internet protocols like SMTP. Poul-Henning Kamp, lead developer of varnish HTTP accelerator and a senior FreeBSD kernel developer, has criticized IETF for following a particular political agenda with HTTP/2.

States Kamp elsewhere:

The reason HTTP/2.0 does not improve privacy is that the big corporate backers have built their business model on top of the lack of privacy. They are very upset about NSA spying on just about everybody in the entire world, but they do not want to do anything that prevents them from doing the same thing.


In the case of S. LOUIS MARTIN V GOOGLE, INC., note also that high rates of data transfer have been observed—up to 8 MB/sec—initiated by Google Chrome while the browser is idle (not requesting a page). This has frequently been observed using Microsoft's Performance Monitor software (perform). Note also that, as expected, the performance of Martin's computer was severely degraded.

Martin is therefore asking the Internet Crime Complaint Center (IC3.gov) to investigate this matter.

Note: Strong circumstantial evidence of email blocking also exists, but that will be presented at a later date, as proof is more difficult to obtain. It is well known, however, that Google hacks email.


Sincerely,
Dr. S. Louis Martin