Yesterday’s big Google news involved the revelation that a software glitch in Google+ had left data from hundreds of thousands users vulnerable. But today, Google is pushing a message of privacy. At its big hardware event in New York, Google executives repeatedly emphasized that security is baked into all of the company’s products.
“The big breakthroughs you’re going to see are not in hardware alone,” said Rick Osterloh, Google’s senior VP of hardware at Google. “By combining Titan Security both in the data center and on devices, we’ve created a closed loop for your data across the Google ecosystem.” He then promised that there would be more talk of security efforts throughout the program.
Google Titan first emerged roughly a year ago as a homegrown chip to secure Google’s cloud. It debuted at the 2017 Cloud Next event in San Francisco as a meaty promise to protect enterprise client data. The chip allows Google to prevent unauthorized access at the processor level, and it also scans hardware for tampering. “It allows us to maintain a level of understanding in our supply chain that we otherwise wouldn’t have,” Neal Mueller, Google’s cloud marketing head, told Reuters last year.
Titan takes on new relevance both in light of the Google+ vulnerability, but also Bloomberg’s report that hackers are infiltrating big tech companies at the chip level. (Apple, Amazon, and the U.S. government have denied the substance of Bloomberg’s reporting, but the risk is real.)
While Google’s secure chips may have started in the cloud, they’re now embedded in the new gadgets the company announced today: the Pixel 3 smartphone, Pixel Slate tablet, and Google Home Hub smart display/smart-home controller. Of course, security has been a component of such devices before, but Google doesn’t often call it out so bluntly.
“We specifically did not put a camera on Home Hub,” said Diya Jolly, Google’s VP for product management, as she revealed the new device, which is a digital picture frame that can also read back calendar events, weather, and traffic reports (of course, it does search, too). Jolly said that Google recognized that people may not want cameras in the most private areas of their home, like a bedroom. But it was a strange call-out, since Google already puts cameras in your home through the Pixel phones and Nest Cam home-security cameras.
That’s why it’s always made sense for Google to stay away from positioning itself as a privacy advocate like Apple does, for instance. Fundamentally, it isn’t one. Regardless of the glossy product updates and push into hardware, Google still makes the vast majority of its money putting ads against gobs of user data. All these other products are essentially ventricles that feed into Google’s great body of user data. It not only sees everything you search for, it wants to handle the lock on your doors, the security cameras on your property, and the temperature of your domicile.
But the company can promise the information you share with it will remain secret—at least between you and Google. In August, Google launched a $50 multi-factor authentication key for consumers, a technology typically reserved for big enterprise and government workers. Even if Google wants to give this level of security to the masses, the problem is that people don’t want to make the effort to secure themselves: In January, at the Usenix Enigma security conference, a Google engineer told attendees that only 10% of Gmail users use two-factor authentication to make life harder for hackers.
The messaging at Google’s hardware event takes a different approach. The company is saying it’s focused on protecting your data—even if you aren’t.