Normcore Tech

Share this post
Google Drive is production
vicki.substack.com

Google Drive is production

Look at me, I'm the source of truth now

Vicki Boykis
Apr 28, 2020
Comment
Share

Art: Composition with Grid IX, Piet Mondrian, 1919

A couple weeks ago, Jack Dorsey tweeted that he was donating money to fighting COVID. A whole lot of money. 

Twitter avatar for @jackjack @jack
I’m moving $1B of my Square equity (~28% of my wealth) to #startsmall LLC to fund global COVID-19 relief. After we disarm this pandemic, the focus will shift to girl’s health and education, and UBI. It will operate transparently, all flows tracked here:
#startsmall trackerDonations current value, $ 1,260,412,570.00 current share square price, $ 63.55 number of shares transferred to LLC,19,833,400 Total Remaining: , $ 1,252,144,422.00 Total Dispersed:, $ 8,268,148.00 Distributed: Date, Amount ,Category,Grantee,Link,Why? 4/2/2020, $ 100,000.00 ,COVID-19 ,Americ...docs.google.com

April 7th 2020

68,036 Retweets293,169 Likes

And he did it in a Google Sheet, which, in an interesting twist, is open to everyone.

https://docs.google.com/spreadsheets/d/1-eGxq2mMoEGwgSpNVL5j2sa6ToojZUZ-Zun8h2oBAR4/edit#gid=0

In researching (and interacting with) Jack previously, he doesn’t exactly strike me as the kind of person who would carefully track things in a Google Doc.

After all, 

Jack also loves to talk about his meditation schedule, intermittent fasting, and SaunaSpace. He also uses something called an Oura Ring to track his sleep, and he drinks “salt juice” (water, Himalayan salt, and lemon - I guess he’s working on self-actualizing into becoming a conductor of electricity?)

He also recently went on a silent retreat in Myanmar.

Looking at the sheet, there are a number of points for further investigation. We could talk about the charities he picked, the fact that he hasn’t updated it since 4/14, and the calculus of transferring Square shares to pay for all of this. 

But what’s most interesting to me is just how ordinary is it from an actual spreadsheet perspective. It has equations. It has links. It has tabs. Billonaires - they’re just like us! They freeze panes to lock in rows and columns!

I think the much bigger story here, though, is that absolutely everyone uses Google Drive, simply because it’s a tool all of us, regardless of status, class, or how many companies we own, have ambiently available in our digital lives. In much the same way that Excel still powers the financial economy (and lots, lots of other things), Google Docs has risen as a cloud complement. The worse story is that, since it’s tied to Google, an ecosystem that almost everyone is a part of, and because its consumer version is free, it’s wormed its way into the operational systems of companies where it now lives like a very dangerous Swiss army knife, used for anything and everything without thought given to the implications.

For example, after the botched Iowa caucus in January, Nevada tried to record some of its election results through Google Drive,

Details on the new system are patchy, but it seems that at least some caucuses will be tabulating and reporting their results through a combination of Google Forms and associated spreadsheets. There’s also some indication that Google Forms may be used to check voters in at caucus locations, although in both cases, there will be other options available as a safeguard.

On the tech side, the state party is operating from a regular enterprise G-Suite account, apparently connected with off-the-shelf iPads.  

And, as I wrote earlier, schools are fully embracing Google Docs for students and staff alike.  In tech, Google Sheets are also often used to share salaries in order to give employees negotiational leverage. From my own personal experience, they’re often used to collaborate on writing and editing books, editorials, and petitions, and as invoice systems for places that pay freelance writers, including lots of fun personal information such as addresses and bank account and routing numbers.

The more I think about it, the more I’m convinced that the world now runs on Google, and if Google Docs ever went down, it would be an even larger blow to the economy than Zoom or Excel at this point, but that the more it stays up, the more this cloud app owned entirely by Google becomes the most dangerous weakest link in all of our workflows.

This is not an exaggeration. A couple days ago, I put out a call for crazy Google Docs use cases, and got them in spades. 

Twitter avatar for @vboykisVicki Boykis @vboykis
Working on this week's newsletter,about Google Docs, and I'm convinced (from personal experience) there are people/companies using Google Docs in unholy ways, which I'd love to include (if you're ok with it). What's the craziest/least secure way you've seen Google Docs used?

April 26th 2020

14 Retweets88 Likes

Here are some of my favorite ones: 

GDocs as a payment system:

Twitter avatar for @joshlauritojosh laurito @joshlaurito
@vboykis I built the AVClub’s freelance payment system (including negotiated payment rates and confirmation emails to the freelancers) with a colleague on top of a gsheet and we called it freelancelot!

April 27th 2020

8 Likes

GDocs as a chat platform: 

Twitter avatar for @peteskomorochpeteskomoroch @peteskomoroch
@vboykis I’ve heard Netflix mostly used gdoc comments to communicate with eachother instead of slack or email.

April 26th 2020

2 Likes
Twitter avatar for @ikdingI-Kang Ding, Ph.D. @ikding
@vboykis I've heard that students from my kids' school use Google docs as impromptu chat rooms, since they know for sure it's not blocked by school networks. But that probably doesn't quality as "crazy" / "least secure". 🤷

April 26th 2020

2 Retweets31 Likes

Google Docs as a lunch resolution service: 

Twitter avatar for @adamlaiacanoAdam Laiacano @adamlaiacano
@vboykis At Project Florida we had a pretty complex sheet for building lunch orders from Cafe China including auto-generated venmo payment links to the person who places the order. If that counts.

April 26th 2020

9 Likes

And, finally, as a development platform: 

Twitter avatar for @clairebcarrollClaire Carroll @clairebcarroll
@vboykis Control your kubernetes clusters via a spreadsheet
github.com/learnk8s/xlsku… Nothing could possibly go wronglearnk8s/xlskubectlxlskubectl — a spreadsheet to control your Kubernetes cluster - learnk8s/xlskubectlgithub.com

April 27th 2020

2 Retweets16 Likes
Twitter avatar for @eric_oh_seeEric @eric_oh_see
@vboykis hahahahaha, I am totally going to win this 🤓 - BigQuery data model -> Looker - Looker scheduled CSV report -> Fivetran email connector - Fivetran -> BigQuery - GSheet V8 script (queries BigQuery) -> populates Spreadsheet I set this up in December and :chefs_kiss:

April 26th 2020

3 Likes
Twitter avatar for @kara_ecemre can kara @kara_ec
@vboykis A google sheet that is editable via link as a DB for a microservice :)

April 26th 2020

2 Retweets47 Likes
Twitter avatar for @junghoon_sonMDJung Hoon Son, M.D. @junghoon_sonMD
@vboykis Google Sheets has a "TRANSLATE()" function. Once just mass loaded a few hundred thousand non-English documents each cell and translated a lot of text quickly using their seemingly free parallel computing power/API without having to work with APIs...

April 26th 2020

1 Retweet21 Likes

And, here are some from DMs:

  • “Used a google sheet as a shared account password manager, which is probably common. But this one was secure because someone made the password column white text on white background.”

  • “Not exactly google docs but One non-engineering team at a company I know used Google Colab to run production api ingestion tasks. This included all secrets being pasted in plain text with this Colab being shared with multiple people.”

  • “P&L level figures on a doc set to link-sharing that anyone can find I can email the entire company by sharing a team drive with the entire org - the "all employees" emails list has tons of non-internal email accounts”

Finally, are a couple where the specifics were so terrible that I needed to edit them out: 

  • Doctors keeping track of groups of patients in Google sheets

  • Ad teams using Google sheets to manually construct complicated boolean queries in place of NLP to create ads responding to specific consumer sentiments

  • Companies keeping all their customer’s addresses in docs that were accessible to external vendors, and, really, anyone

  • A very large company that initially kept track of a multimillion dollar line-item budget in a database, but migrated to a single, enormous Google Sheet that’s directly editable by at least 5 people. 

The more stories I got, the more I became terrified that our entire economy (what remains of it, anyway) is only a “click to share” link away from exposure. (But if you have more stories, definitely put them in the comments.)

There are a number of things that make Google Docs extremely sticky and extremely dangerous. First, most people have Google personal accounts. When you open a work-related spreadsheet, if your Google personal account is the default on your machine, the document goes in there. 

Twitter avatar for @jbendeatonBen Deaton @jbendeaton
@vboykis Mostly the thing where you click on a Google Doc link from your work gmail account and it opens with your personal Google account.

April 26th 2020

5 Likes

And where “in there” is, is a different story, too. We no longer own anything in the cloud. 

Twitter avatar for @JennyBryanJenny Bryan @JennyBryan
It feels like Microsoft, Google, and Apple are all trying to create a world where people have no freaking clue where their files are saved and I think this is a Really. Terrible. Idea. This is the root cause of our kids' greatest agony re: online learning right now.

April 22nd 2020

84 Retweets593 Likes

Google doesn’t give us a very fine-grained view or control on these files. As I wrote before, what’s ours is no longer ours. 

I was really surprised. Memes are, in an internet that’s been entirely corporatized and controlled top-down by Amazoogle and advertising, the People’s Content. They come from the bottom up, from message boards and reddit threads, from Photoshop and Powerpoint, and make their way online. And yet, we have no control over them, no way to save and catalog them, to search through them.

The people before us left behind vellum manuscripts and paintings, wrinkled photographs and handiwork, letters that smell of sealing wax - evidence that humans were here, doing human things, living.

What will be left of us when the servers are turned off and the last Baby Yoda gif disappears into the ether?

Another enormous problem is link-sharing. There are millions of spreadsheets out there that are accessible to the public with a link. Hackers have already previously exploited it, but surprisingly for a problem this big, there doesn’t seem to be a lot of other news about it. If hackers are working on exploiting this already, then we just have not heard anything about it lately.

Finally, it’s hard to tell which documents are ours and which are someone else’s. For example, as soon as I opened Jack’s sheet, it went into my own Drive, where it will now stay, for a very long time:

Twitter avatar for @AlanMColeAlan Cole @AlanMCole
Time for one old curmudgeon tweet: Back in the day there was a clear directory hierarchy on computers designed to be visible. When you loaded and saved files, even within applications, you could see that system. These efforts to obscure the directory system from the UI are bad.

April 26th 2020

53 Retweets486 Likes

We, as tech professionals and security professionals, spend hundreds of millions of dollars securing our clouds, our personal laptops, our databases and now we’re harping on Zoom’s security issues.

But I haven’t seen much press at all about how much of a problem it is that a company has not only managed to embed itself into our consciousness with search, but now also lives inside our companies as a complete production system that people rely on to track revenue, run databases, manage vendors, and, yes, distribute billions of dollars.

I’m not saying that all of this is going to come crashing down, mostly because many of thse systems operate through security by obscurity, but maybe we (and Jack) should back our stuff up at least every once in a while, and maybe take some of these docs out of production.

What I’m reading lately:

  1. Why are Taleb’s ideas so good (I personally have long been a fan) and yet it’s so easy to hate him? The Taleb starter pack.

  2. TFW you’re a data scientist IRL

    Twitter avatar for @redditshipsrelationships.txt @redditships
    I [30M] found my girlfriend’s [29F] spreadsheet tracking our entire relationship
    Image
    Image

    April 25th 2020

    1,061 Retweets9,820 Likes
  3. Cuomo’s Powerpoint aesthetic

  4. Bleak but good content

    Twitter avatar for @SpringcoilPeadar Coyle @Springcoil
    How can Data Scientists survive layoffs?
    peadarcoyle.com/2020/04/26/how…
    Image

    April 26th 2020

    19 Retweets74 Likes
  5. Saudi Arabia now owns Ticketmaster?


The Newsletter:

This newsletter’s M.O. is takes on tech news that are rooted in humanism, nuance, context, rationality, and a little fun. It goes out once a week to free subscribers, and once more to paid subscribers. If you like it, forward it to friends and tell them to subscribe!

Swag: Stickers. Mug. Notepad.

The Author:
I’m a data scientist. Most of my free time is spent wrangling a preschooler and a baby, reading, and writing bad tweets. Find out more here or follow me on Twitter.

CommentComment
ShareShare

Create your profile

0 subscriptions will be displayed on your profile (edit)

Skip for now

Only paid subscribers can comment on this post

Already a paid subscriber? Sign in

Check your email

For your security, we need to re-authenticate you.

Click the link we sent to , or click here to sign in.

TopNewCommunity

No posts

Ready for more?

© 2022 Vicki Boykis
Privacy ∙ Terms ∙ Collection notice
Publish on Substack Get the app
Substack is the home for great writing