Comments on: Google powers up users' Gmail security arsenal

The e-mail service is rolling out a way for members to see where else their accounts are logged in, and giving them the option to log out remotely.

[jeitzen]

Are they rolling this out in stages? I still cannot see it.

[jeitzen]

Are they rolling this out in stages? I still cannot see it.

[amitjain17]

Nice feature... Wouldnt it be cool to see the login history too??.. So if I wanna know from which IP address I was logged in a week ago, I could.

[ReVeLaTeD]

Stupid feature.

If another browser is logged in, that means they also have access to this tool and can (theoretically) kick you out, then change the password.

And yet I still can't get a feature to block emails where my name is not in the To: line. Amazing.

[n3td3v]

@ReVeLaTeD

Not all users with access to your Gmail account want to change the password, they want to read emails stealthily and thats all. Raising suspicion by letting the victim know you're there isn't something they want to do.

If they kicked you out and changed the password they wouldn't be able to read your emails anymore, hence why they don't kick you out and change the password.

You've got to remember why people break into web mail accounts in the first place, its not to steal your account, its to read emails and gather intelligence.

However, this feature is pointless in the sense of detecting if the government is snooping, as the government monitor your Gmail account in different ways.

This feature is only going to detect low-level snooping by bedroom teens, criminals and stalkers.

The end game is, the government are still reading your web emails and won't show up on this system.

It is a stupid feature in the sense its giving gullible Gmail users a false sense of security in that, if they see no rogue IP addresses logging into their Gmail account, that they think no one is snooping and reading their emails, that isn't the case.

This system won't detect government snooping, the government simply send a national security letter to Google Mail and they are granted full access to backend visualisation stats, graphs and other neat features to watch everything thats going on with your Gmail account.

You can probably bet this system purposely ignores known government addresses anyway in an agreement between the government and Google, so yeah completely misleading system this is.

All the best,

n3td3v

[fun2program8]

So, since you've stated how it won't work, would you mind telling us how it will? Would there ever be a system you'd be satisfied with, that wouldn't allow governments to spy on you?

See, I'm one of those folks who don't really care. In my point of view privacy is overrated. I think that, yes, privacy is good, but if the government needs to check my e-mail for a potential lead on a terrorist, by all means be my guest!

[Dalkorian]

by fun2program8 July 9, 2008 11:52 AM PDT
... "if the government needs to check my e-mail for a potential lead on a terrorist, by all means be my guest!"
---------------------------------------------------
That's the same attitude that prevailed in Germany back in the 1930's, it's the same attitude that allowed the nazi's to get as powerful as they were. It led to the formation of the German stasi, which only recently "disbanded" (repatriated by fuhrer bushit because some people just never learn). Thank you for helping to roll back human rights another 70 some odd years.

[wazhere]

If they kick you off you know (as n3td3v points out), if they use your ip they get from the interface the impact could be much greater. The feature needs to be secured under an alternate password not just the one you log in to gmail with.

[pete_run]

Re the "Google powers up users' Gmail security arsenal".

I just checked mine, and although not exactly comprehensive it is better than nothing.
It only seems to give the last 5 instances.

On my list of IP addresses was what I expected (as I'd just tried it out), laptop, PC and mobile phone, but there was one I did not recognise so I looked it up on www.melissadata.com:
IP Address 72.14.241.46, Country UNITED STATES, ISP GOOGLE INC. (about 0200 hrs BST-UK).

So, does that mean someone at google is checking up on me? One of their employees just having a look around?

[catbr]

ohhh...welll...NOW I know why I can log into my gmail account at my home desktop and EVERY other internet connected device I can put my hands on (including my cell phone) but couldn't access it - for some reason the security certificate for gmail is suddenly not compatible on my laptop.

I guess, I'll just wait until I get home to check my gmail :-(
I will continue to use my lycos, aim, yahoo, rr.com, aol mail, go, msn, netscape accounts on my laptop- they seem to work anywhere!

[febagent]

seems to be a useless feature when only able to show 5 records, we use google biz apps, which i have on my desktop and blackberry via pop3, so 5 records is only the 45mins worth of records given the frequency of the bberry push mail and my outlook send/receives, now if they could show a month's worth of activity, that would be another story