Google Can Still Read Gmail’s Confidential Messages

[Lucian Armasu]

The new Gmail "confidential mode" is not as confidential as you might think.

Google Can Still Read Gmail’s Confidential Messages : Read more

 

[Solandri]

I'm not really sure what people expect. The fundamental problem has been and still remains that the email protocol is not secure. If you send email from a gmail account to a hotmail account, it is sent as plain text readable by anyone with direct access to anyone on any of the networks between the gmail server and hotmail server. End-to-end encryption only works if both the sender and recipient agree to use and implement the same form of encryption. Since there's no standard, an email provider like Google cannot implement it on their own without having to field countless user complaints that "my friend at friend@another.email-provider.com cannot receive encrypted emails." Google cannot fix that - another.email-provider.com has to fix it - but ignorant people will still blame Google for it. So they don't even bother trying.

 

[elitech]

I'm not really sure what people expect. The fundamental problem has been and still remains that the email protocol is not secure. If you send email from a gmail account to a hotmail account, it is sent as plain text readable by anyone with direct access to anyone on any of the networks between the gmail server and hotmail server. End-to-end encryption only works if both the sender and recipient agree to use and implement the same form of encryption. Since there's no standard, an email provider like Google cannot implement it on their own without having to field countless user complaints that "my friend at friend@another.email-provider.com cannot receive encrypted emails." Google cannot fix that - another.email-provider.com has to fix it - but ignorant people will still blame Google for it. So they don't even bother trying.

I do not think that is the point of this article. No-one is talking about non-implementation of encryption on both sides of different email services. Not to mention, there are multiple email protocols, but that is not the point here either.

Google "confidential" works only for users that use gmail. Both sides, not one. So it is purely a google thing. While the sender can regulate access to emails and information sent to others via this service, google itself can still read these emails and store them for as long as it wants. So, if your main concern is privacy and protection from spying in general (someone else reading your private emails), then google confidential is not the answer.

Best regards.