“As the person who (in my role as an OpenStreetMap system administrator) first discovered this `incident' let me start by saying that I consider this post to be grossly irresponsible and wholly inappropriate.
[ … ]
It seems to me that this is just an attempt to get some cheap publicity by trying to like the project to the Mocality incident, and I cannot support such behaviour.”
For reference, here is the full comment by Hughes, including his follow up noting the blog post was personal, not representing the official position of OSMF.
Tom Hughes said...
As the person who (in my role as an OpenStreetMap system administrator) first discovered this `incident' let me start by saying that I consider this post to be grossly irresponsible and wholly inappropriate.
The board of OSMF are making mountains out of tiny pimples here. It seems that they want this to be some sort of organised corporate malfeasance on the part of Google which is why they have tried to link it to the recent Mocality incident where there was indeed clear evidence of such behaviour.
The reality in this case is that there is no evidence that this is any different to the numerous other incidents we get all the time where users either accidentally or deliberately make bogus edits. The only difference in this case is that there happen to be two accounts (though we do not know if that is two people) and the user or users involved happen to (presumably) work for Google.
That is the sum total of what we know, and on the back of that, and without approaching Google at all, two leading board members have decided to reveal personal information about two of our users.
It seems to me that this is just an attempt to get some cheap publicity by trying to like the project to the Mocality incident, and I cannot support such behaviour.
Tom Hughes said...
I am told that this posting was in fact made in a personal capacity and as such any suggestion on my part that it represents an official position of the OSMF board is incorrect and should be disregarded.
"I am told that this posting was in fact made in a personal capacity and as such any suggestion on my part that it represents an official position of the OSMF board is incorrect and should be disregarded."
If the systems admin. of a for profit company left this kind of comment on a board members post would they expect to stay employed at that company?
It may be a non-profit but the board members are still the ultimate bosses above the CEO. Calling your bosses behavior "grossly irresponsible" in public forum seems like it would be career limiting.
"The board of OSMF are making mountains out of tiny pimples here. It seems that they want this to be some sort of organised corporate malfeasance on the part of Google which is why they have tried to link it to the recent Mocality incident where there was indeed clear evidence of such behaviour.
"The reality in this case is that there is no evidence that this is any different to the numerous other incidents we get all the time where users either accidentally or deliberately make bogus edits. The only difference in this case is that there happen to be two accounts (though we do not know if that is two people) and the user or users involved happen to (presumably) work for Google.
"That is the sum total of what we know, and on the back of that, and without approaching Google at all, two leading board members have decided to reveal personal information about two of our users."
I think the boards concens and response is fair enough, google employees have an obvious potential conflict of interest if they are vandalizing maps, even if they are acting by their own volition it is still something I would expect Google to take action around and publicly not condone, assuming even the most innocent of circumstance.
Has Google released any statement beyond the one that said "We were mortified to learn that a team of people..."?
I'm overly curious on the results from Google's investigation.
I can see the connection with Mocality being mentioned, but vandalizing seems odd.
I would venture that this is coincidental.
Pick any branch office of a large enterprise or government and run a search for the IPs they use to access the internet.
You'll find vandalism on Wikipedia, ancient guestbook messages, mailing list postings, etc.
I'm certainly not a Google apologist, but this just seems fishy.
If these are the same as the Mocality people, I wonder how long before Google audits and fires them? I also wonder if we'll find out about any more wrongdoing.
I'm really suspicious of any claim that the top brass at Google honestly knew nothing about it... (What would these employees even have to gain? It's not like they have much to gain if Google's stock goes up, and if they're hiding this from management, they're not getting paid for it.)
Define "top brass". If you're saying some upper-middle management at Google India, possibly. If you're saying that this is being done at the VP level, I think that's a bit tin-hatty for what we've seen so far.
Regardless of whether or not you think Google is strategically sabotaging other projects, I think we can all agree that if it were under the direction of Google's top brass, they would have been smart enough not to use their own IPs. It's not an organization to which one would attribute less technological accumen than your average Wikipedia vandal.
Because Google employees generally have latitude to do whatever they want with their Internet connection at work. Even bad OSM edits.
If we start blaming whoever an IP resolves to for vandalism, you're going to find that pretty much every major corporation has vandalized Wikipedia. (When I worked at BAC, our proxy was perma-banned for vandalism.) Not to mention the ISPs; Comcast is a notorious Wikipedia vandal (by this logic).
It could also just be a broken bot. You'd think Google would be smart enough to know not to POST 100k times to an outside service, but it's possible there's someone in the ranks who just doesn't know what they are doing.
The 100,000 hits by 17 accounts took place over a year could be 99.9% valid contributions. They mentioned that number because they have recently noted 2 accounts vandalising and so it's probably wise to check the other interactions in case they are subtle vandalism by the same person/people that went unnoticed at the time but that it'll take time to confirm either way.
We're aware of OpenStreetMap's claims that vandalism of OSM is occurring from accounts originating at a Google IP address. We are investigating the matter and will have more information as soon as possible
In a case like this, that is a bit tricky. This could be Joe (or Jabul) Random Googler in India on a lark. Or it could be something organized, probably at a small level.
Contacting someone in Google Maps might help -- this would at least be a business unit that has some interest in not generating ill will. Google IO is a conference with lot of Googlers. There's a presentation about Google Maps, and if they aren't the right people to talk to, you could probably ask them who a good contact would be: http://www.google.com/events/io/2011/sessions/designing-maps...
PR people are usually a very good contact. News can break 24 hours a day, so they're usually very available. If you're about to spill the beans on something that can be very embarrassing, they will connect you with the right person. If they don't, they're on the hook for cleaning up the mess.
that says they didn't copy results by looking at google directly, but by watching users that use google.
With the number of IE users, the difference is only in how they achieved it, not whether they did it.
Provide actual facts for a start. Currently they are just pointing the finger without any kind of explaination as to how they came to their conclusion.
I disagree: Actually the best way to get answers from a too-big-to-communicate company like Google is to make the whole process as transparent and out in the open as possible.
Google is notoriously difficult to contact for most people. One of the best ways to get them to respond is to let as many people as possible know about the issue at hand.
I've managed to contact a few different organizations in a few different ways.
I'm no fan of Microsoft (check post history), but when I found that a large volume of 419 spam was coming through Hotmail some years back, I looked up their main switchboard number, called, spoke briefly to the receptionist asking for the VP of the related unit (I'd looked up his name). She transferred me to him. He picked up on the first ring. I explained the situation briefly, we spoke for a few minutes, at the end of which he said he'd put me in touch with the guy who could fix things. Fifteen minutes later I was talking with him, and we exchanged information over the next few months as I helped him plug his holes. I am still highly impressed by the professionalism demonstrated at all levels. I'd also worked with Microsoft to resolve a GPL compliance issue (again, directly contacting the appropriate VP) again with minimal fuss.
A southeastern US university IT contractor who's private business was spamming me (and he was denying it) ended up with a series of emails escalating up the academic food chain, ultimately to the university president (.edu websites are, or at least were, wonderfully information rich). I eventually got the response I had hoped I'd get on first contact.
Another issue involving AOL at which numerous attempts to contact them failed. I ended up somewhat crashing (well, I did wrangle a late invite for a brief presentation) at which I presented data, including some which indicated AOL's little problem. Their chief postmaster was present. We talked a bit.
More recently, Yahoo have had issues in severely restricting mail delivery rates to Yahoo's MXs, even for long-existing, SPF/DKIM compliant MTAs. I'd gone endless rounds with their helpdesk and had repeatedly emailed (with no response) their CTO. So I sent a group email to a roster of their top (C-level and senior VP) staff, again with some data indicating issues (pflogsumm delivery stats showing hours of delay) and an introductory text "Gentlemen, you have a problem". That finally got a response in the form of a "Yahoo concierge" who spoke with me a couple of times and sorted the problem (and also promised a review of policies in general, in case anyone else is having issues).
Just a few anecdotes of different ways to get a company's attention. There's no one-size-fits-all approach, so be flexible. I generally try a direct private contact first, but ... well, if that doesn't work, I've got a bag of tricks I can pull out. Public shaming can work, but I'm willing to give the benefit of doubt first.
Update: Google sent the following statement to ReadWriteWeb on Tuesday morning. "The two people who made these changes were contractors acting on their own behalf while on the Google network. They are no longer working on Google projects."
“As the person who (in my role as an OpenStreetMap system administrator) first discovered this `incident' let me start by saying that I consider this post to be grossly irresponsible and wholly inappropriate.
[ … ]
It seems to me that this is just an attempt to get some cheap publicity by trying to like the project to the Mocality incident, and I cannot support such behaviour.”