Single Point of Failure: The (Fictional) Day Google Forgot To Check Passwords

  • Published on: 16 January 2014
  • - @tomscott - I spin a (fictional) tale of the day that Google accidentally opened everything. Performed at GeekyConf, with thanks to Betsy Weber and Natalie Downe on camera.
  • Runtime : 13:5
  • tomscott tom scott single point of failure google gmail security passwords geekyconf


  • Elise Weatherly
    Elise Weatherly   1 weeks ago

    This caused a lot of dissension in our household believe it or not! I was heatedly presenting things like Change Management Processes, TEST vs PROD systems, SOX compliance, Best Practices, levels of authority in implementation, modifications and upgrades, etc., - ways and means of preventing such things as bad coding taking place, and the bottom line is protection of privacy. I am not as concerned with that as with other things as I consider myself an open book, but we DO have to protect ourselves from thieves, robbers hackers and scammers. In the words of Y'Shua they can be classified as 'wolves in sheep's clothing' (pretend believers) or even Pharisees ('religious' leaders who aren't real). Regardless, we live in a world where some do what's right and some do what's wrong and there eventually will be a distinct separation where even the motives of the heart are revealed, I opted for the Premier Protection Plan. I'm covered.

  • Shaunak Deshpande
    Shaunak Deshpande   1 weeks ago

    Is it possible in this hypothetical scenario for Google to use the increase in traffic to DDOS themselves and shut down their servers?

  • Paŭlo Ebermann
    Paŭlo Ebermann   1 weeks ago

    I would hope they have some kind of 4-eyes principle in place here – i.e. they need two people to approve code changes.

  • Miguel Medina
    Miguel Medina   1 weeks ago

    I feel like this is a video from an alternate dimension, on which this did happen. It feels so real.

  • FilipeGo
    FilipeGo   2 weeks ago

    Anyone seeing this in 2019 and getting anxious..?

  • BlockLab
    BlockLab   2 weeks ago

    should be put into a movie

  • ZeevDrifter
    ZeevDrifter   3 weeks ago

    Maybe I'm a bit too optimistic by I have a sorta nihilistic optimism about this possible outcome, most people would do nothing, bread and circus are too valuable to people now and perhaps a few psychos would go and try and delete all of Jack Black's emails or something but most people would hunker down.if google can rollback their servers, but figure out who does what damage, you're screwed, and few would play that risk even among the crazies.

  • H K
    H K   1 months ago


  • Immortal SoFar
    Immortal SoFar   1 months ago

    To mis-quote the Karate Kid - best security is don't be there. Don't save anything remotely you aren't prepared to lose and remember that your local devices are covered by unlawful search protection whereas remote data is not.

  • Kai Schreurs
    Kai Schreurs   1 months ago

    5:48 I wish them luck scrolling through thousands of youtube videos before finding anything they might be even remotely interested in.

  • Elso
    Elso   2 months ago

    Goes into google to see when the last time I changed my password... 2012

  • Dee Whitefield
    Dee Whitefield   2 months ago

    can’t believe Tom Scott leaked the next season of ahs in 2014

  • Edna Ngalabak
    Edna Ngalabak   2 months ago

    Everyone is saying they should make a movie or something out of this but this is basically what happens in a show called Mr.Robot ...

  • Pink Magic Ali
    Pink Magic Ali   2 months ago

    Go crazy my life is incredibly boring. I don’t use gmail for stuff like banks etc so mostly what people would get from me is damn subscriptions I can’t turn off. Plus I backup everything.I wonder what Maria thinks of his scenario.

  • Stan .Rarick
    Stan .Rarick   2 months ago

    "...because the airline ..." what? ( terrible audio )

  • 506 independent VIDEO
    506 independent VIDEO   2 months ago

    this would hit me hard, as i trust google to keep my website up and everything to do with 506 indpendent.

  • clray123
    clray123   2 months ago

    The code-to-production release process works like that in small screwy shops (Dropbox apparently being one of them), but in case of modifying widely used software, and especially security critical pieces of it, and especially where lotsa money is involved, there is a formal code review / signoff process that requires multiple persons to become involved before anything goes "live".

  • iso kasa
    iso kasa   2 months ago

    I wish the google login still looked like that

  • Hand Solo
    Hand Solo   2 months ago

    Funny, around the time this video was uploaded I worked for a reasonably well known online retailer. I was looking at an issue on our site one sat morning and found one of our products had a price of 0.00. I tried ordering one, and found that all I had to pay was the postage. I immediately raised red flags and put a hold on the many ordered that had already been placed. Didn't even get a thank you from my boss.

  • Quan To
    Quan To   2 months ago

    Ookay, let's deploy roundcube on a privately own physical server, and not use a domain name.

  • Benton Jackson
    Benton Jackson   2 months ago

    I didn't catch that this was fictional, and I was thinking, "Why don't I remember this? I think I would have noticed."

  • KirkHMiller
    KirkHMiller   2 months ago

    Great story... I could listen to this every [REDACTED]

  • Rei
    Rei   2 months ago

    All of them flexing rollex are damaging infrastructure. So yes in xyz we trust.

  • Rei
    Rei   2 months ago

    The beat seeems to ````` be blursed; phreaked frauded disastered hackered etc etc. Still. Now we're in the game.

  • Rei
    Rei   2 months ago

    Ok I have started watching. And it is true! I think I wrote that briefly somewhere but I deleted it again. But now I'm writing it here again. Because I have been blursed by an rtf file from before my time. It seems to be okay however. It's just that, Tom, I lost my android today. And my macbook air. I was quite attached to the stickers I had collected. You know that quote about being either a stamp collector or a physicist - what happens when you are both? I will try to collect another number tomorrow. I am just a bit tired of the wars, and I am on, yes AI right now. No that does not stand for AI, but something else entirely. The pivot to apple maps really affected me. Why do I need to look at a navigation map when I know where xyz is? Is this the blursed comment of unnecessary detail? Perhaps. But I can see from the code else that else means business. I just hope atalia and the uk and eu can work things out for the sake of code, there seems to be some interruption at mid-tier levels. Perhaps we need to send a few down a tier before continuing.

  • Rei
    Rei   2 months ago

    Tom, I am very worried about ant membership. I do not wish to be an ant. Nor do I wish for ants on me. They smell very strange.

  • billneo
    billneo   2 months ago

    I too was taken in until i stopped to looked at the title. Then i got distracted by the dark spot on the jeans—Oh, Tom, what happened?! :-)

  • EramsorGR
    EramsorGR   2 months ago

    Concerned. I am getting out of Google now. Custom email, cloud and others here I come

  • Black Templar
    Black Templar   2 months ago

    I wonder how many red tee shirts this guy has

  • MegaChickenfish
    MegaChickenfish   3 months ago

    Me: Well it's not like this fictional scenario has e-Tom Scott: It already happened with Dropbox.