Comments on: Google considers request to boost privacy

After more than three dozen security experts ask Google to offer encryption by default for Gmail and other apps, Google says it is considering doing just that if the apps don't slow down too much as a result.

[zvonr]

:-) those Ultrasparc T2 CPU-us from sun with built in encryption acceleration don't look as bad anymore...

[AndrewRich]

Except that the Google-provided Gmail gadget DOES NOT WORK with https and Google shows no interest in fixing it: http://www.google.com/ig/directory?hl=en&type=gadgets&url=www.google.com/ig/modules/builtin_gmail.xml

[RobertFHarwood]

Even better would be to add support for Digital Signature to encrypt the actual mail/docs and to setup the HTTPS connection.

[allenfalcon]

Pardon me, but the statement

"Google doesn't offer the ability to encrypt potentially sensitive data created in other Google apps like Docs or Calendar by default"

is incorrect.

Google Apps Premier Edition lets you set HTTPS as the default for Gmail and all of the application services, including docs, spreadsheets, calendar, sites, etc.

If you follow the service activation and setup guides from Google, you are informed of the HTTPS default setting and why your may want to select it for security reasons.

Regards,
Allen Falcon
www.horizoninfoservices.com

[jessiethe3rd]

Premier meaning paid service? Oh no - Google is actually a commerical software company now too!? Wow... that's news to me - I thought they only made money off ad revenue? Which is going to be and who the hell is going to trust a company with a model so deeply invested in making money off your data? Not me.

[luke_marsh]

Priorities.
Although someone's right to a good degree of personal privacy hence personal space is important this needs to be weighed up relative to the more vital need to secure the Power grid Infrastructure of the US and the need to secure the security of money crediting.
If google is to walk this road they need to consider diversification of their work on making such things as encryption technologies efficient relevant to how they might later aid more harder to break set-ups for more support in securing vital areas of the Economy.
For example they might want to consider have a higher degree on security and surveillance of those that might try and snoop in areas of the more valuable information like account details or other reveling areas that could effect the degree of economic trust within the interworking s.
Does it matter to the user if most of it is fast but mildly some aspects are a bit slower if their financial security is better protected from issues of fraud.
For example I think most people would agree that an Email asking about how a friends dog did in his visit to the vet doesn't need to be secured as much as key Data areas of an invoice regarding both personal ownership or personal data on ones money flow.

If say a financial fraud group or attacking group was to attack causing unrest or disrupting the economics would be a target interest not worrying about how george the dog got on in the vet surgery.
Also Google is in a prime position to bring users in on the activity where by the user could ask for some data to be more secure than other more trivial data. This would in turn mean that users were click with hints from business in a way that made them realise Google cared about them which people always like companies that care about them so it would be good for business.

Simply using a basic low encryption sweep may not be as secure for all areas of personal data and would not allow google to move into the security market that well in terms of their diversity of data security abilities but could well be a good place to start as opposed to doing nothing at all.

[shootfirst]

First off you are an idiot to be doing anything important using google docs. Even typing messages in gmail while on the web is stupid as at anytime things can crash on your side or theirs. When it is just yours it is easier to mitigate. Go get a copy of openoffice, it works awesome and works on every bleeping OS out there basically. Google has some good apps, but in reality they aren't wise unless you understand the full consequences. You also failed to hit on that Google knows everything you type on these services, they control the encryption keys. Once you go with google you are making them your silent partner and all of your data is now their data, read their agreements closely as after you get through all the legal jargon it states quite cleary that google owns your ass.

[jessiethe3rd]

And that my friends is no FUD just truth in the reality - Google is headed to owing your ass.