Google: Hunting for Not Us

June 26, 2019

There was a dust up about song lyrics. As I recall, the responsibility did not fall upon the impossibly magnificent Google shoulders. A supplier may have acted in a manner which some “genius” thinks is a third party’s problem. Yep, a supplier.

I just read “Tracing the Supply Chain Attack on Android.” The write up explained that malware with impossible to remember and spell names like Yehuo found its way on to Android phones via the “supply chain.” I don’t know much about supply chains, but I think these are third parties who do work for a company. The idea is that someone at one firm contracts with the third party to perform work. When I worked as a “third party,” I recall people who were paying me taking actions; for example, texting, visiting, emailing, requiring me or my colleagues to attend meetings in which some of the people in charge fiddled with their mobile devices, and fidgeted.

The write up digs through quite a bit of data and reports many interesting details.

However, there is one point which is not included in the write up: Google appears to find itself looking at a third party as a bad actor. What unites the “genius” affair and the pre installed malware.

Google management processes?

Yes, that’s one possible answer. Who said something along the lines that if one creates chaos, that entity must address the problems created by chaos?

But if a third party did it, whose problem is it anyway?

Stephen E Arnold, June 26, 2019

Comments

Got something to say?





  • Archives

  • Recent Posts

  • Meta