Anyone with a history of reading these hallowed pages will know that I consider myself the office Google Geek. I'm Android, I'm Chrome, heck, I even tried to make a go of that Google Wave thing.
One of the things that has always made me such an advocate of Google's was that little mantra that kept coming up again and again: 'Don't Be Evil'.
I liked that. It spoke to me. In a world of corporate greed, it was a little ray of hope.
But there's a little corner of the organisation, with its heart in the right place, which is definitely worrying me about the shape of things to come. Project Zero.
Set up in the wake of all the Heartbleed hullabaloo, Project Zero was to be a team of ethical hackers, in Google's employ, who would set about trying to find the vulnerabilities before they happened.
And on paper that's a very admirable thing. Google is giving time and resources to the internet as a whole.
But Project Zero has been getting ideas above its station. It hasn't just been finding the vulnerabilities and reporting them to the relevant parties to fix.
It has been making threats. Its 'policy' is a 90-day window for the bug to be fixed or it goes public.
It's like a self-appointed head of the Neighbourhood Watch committee coming round my house to warn me that I'd left the window open, and that if I didn't close it he'd put posters up telling the local criminals where they can find a soft target.
It's not even as if Project Zero is the official police of the web; its stance is one of self-appointed vigilantism. It has no right to make threats.
But the final straw came for me this week when Project Zero actually published some proof-of-concept code for one of the Microsoft vulnerabilities it had discovered.
It's basically handing the murderer the murder weapon and an instruction manual called 'How to get away with it'. First rule of not being evil: don't be an accessory.
Microsoft has appealed to Google to get its house in order. It claims that plans to patch the bugs in question were well in hand for a future Patch Tuesday, and to rigidly stick to 90 days is pure bloody-mindedness.
And so we seem to have reached a crossroads in Google's role in our lives. On one hand, we have the two guys who started a search business with the mantra of 'Don't be evil'. It's the Google that I sat and watched rewarding not-for-profit companies with millions at the Global Impact Awards.
Or we've got some hackers with a bit of a God complex who have decided that, when it comes to the internet, they are The Law, and that it's OK to blackmail people into fixing their bugs, or they will make the problem a whole lot worse.
That, to me, smacks rather a lot of evil and it needs to stop before it infects the whole bloody organisation.
There is an official body working on fixing vulnerabilities, also set up after Heartbleed. It's called the Core Infrastructure Initiative (CII) and is jointly funded by the industry - Google included - and run by the Linux Foundation. That's how it should be.
I'm not saying that Project Zero is a bad thing as such. But it has repeatedly overstepped its boundaries.
If Google wants to help, by all means it should. It has the money and the resources to add over and above what the CII can. But the autonomy involved is just un-Google and unacceptable.
Perhaps it's difficult to be sympathetic to Microsoft, but imagine that this was a small back-bedroom developer who created a vulnerability by accident in an app that was his livelihood.
He doesn't have the resources or the know-how to fix it, and yet Project Zero will happily expose and potentially destroy him. That's not the Google I know.
At Woodstock, Wavy Gravy addressed the crowd with the following plea: "The one major thing you have to remember tonight when you go back up to the woods to sleep, or if you stay here, is that the man next to you is your brother, and you damn well better treat each other that way, because if you don't, then we blow the whole thing, but we've got it right there."
Please, Google. Don't blow the whole thing. Don't be evil. µ