I am pretty sure that I can comprehend the tech that the NSA has and is capable of. They are signals agents, not wizards. This is not even rocket science, much less magic. Seriously, I have seen the boxes that the FBI places in a data center to monitor someone. It’s cool, but I could build a box that did the exact same thing. I’ve seen naughty customers and their crackers on poorly configured networks turn their boxes into the same thing without having to build the cabling.
They are so powerful because they have the access that being the nation’s listening post brings, not because they are using some advanced technology that I haven’t heard of. They could be useful to Google in this instance because they might have seen this type of break in before, but that’s far from certain. I’d be really, really sad if they had seen it because an NSA employee’s own copy of IE6 had been compromised. Just as sad as I was when a support agent I know hit a customers compromised site and got his workstation owned. But, I don’t know of the NSA operating as a consultancy service cleaning up hacks, and I wouldn’t get the average cracker (technical description, not a racist term) to clean up a box that I was in charge of that had been compromised, because it’s a different problem. I suppose that what I am trying to say is: The NSA spends its time listening because of its privileged position, not because it spends its time cleaning up systems after someone naughty has been in them, so I am not sure what they have to offer here.
On the other side of that argument, I am not sure who else they would turn to. Most law agencies seem pretty far behind when concerned with computer security issues. I don’t know of any security consultants that aren’t a waste of money, and everyone I know that I would think competent to track down such a hack has something in their past that makes employers generally wary. The NSA at least has some experience with the problem, and are an entity that you can go after via legal means if they do something that goes beyond the pale.
I’m not too concerned with the NSA mapping Google’s system, network, whatever and getting in again afterward. If they wanted to do that, they could have gotten in through the same method the Chinese came in through in the past, and if sufficiently determined, could find a new way in the future. Google shouldn’t have to turn over anyone’s search history, or very little of their own private data. The should be able to turn over the compromised systems (actually, they just need to hand over copies of them) to the NSA for examination, as the production systems should have been rebuilt from scratch and replaced. Since the machines that were initially compromised were running Internet Explorer, I seriously doubt it was a server.
What I am scared of ( but totally lack any evidence of) is that Google’s employees will turn over data by accident or agreement due to the amount of contact they will have through the NSA with this. Familiarity can make people do strange things, but that’s all I have to work with to fuel that fear.
I have an ex co-worker that was arrested and brought to trial by an FBI agent that actually engineered hardware and software to eavesdrop on a modem connection. It is generally accepted that any computer that is connected to a network can be broken into at least to the extent that data can be stolen from it. Some claim that merely being on is enough, but I sometimes doubt this half of the claim. The game is to make the barriers to getting the data difficult enough that the attacker will move on to another target.
To delete the Google cookie will depend on your browser. In all seriousness, I’d search Google to find out.
