is GMail secure?

CyberGhost

hey I was wondering if Gmail is secure? are you guys using that gmail account for anything serious? I heard they read your mail or something or that the accounts maybe deleted since it's a beta?

Infini

CyberGhost wrote:

hey I was wondering if Gmail is secure? are you guys using that gmail account for anything serious? I heard they read your mail or something or that the accounts maybe deleted since it's a beta?

I read in the times about something about google's security. There's a anti-google site called www.google-watch.org that mentions things about googles security and privacy. Worth a look.

snappieT

As far as I can tell, it's very safe.

The one thing that worries me is that Google have already admitted that even if you delete a mail, it stays on their servers until it's overwritten.

According to some international law, internet communication "expires" after 120 days, at which point, the law enforcers can sepena your communications, rather than having a warrent.

forbairt

hmmm to be honest ... if you're worried about security then you probably would want to be worried about your mail messages being sent all over the internet while on its way to its destination ... research encryption / pgp ... or maybe its just the sauce talking ...

Splash

www.watchinggooglelikeahawk.com

CyberGhost

Thanks guys!

liamo

CyberGhost wrote:

hey I was wondering if Gmail is secure? are you guys using that gmail account for anything serious? I heard they read your mail or something or that the accounts maybe deleted since it's a beta?

I suppose it depends what you mean by "secure" and what your expectations are.

Your communications with Google are no more or less secure than ordinary unencrypted http traffic with any other site. Same applies to using the pop3 service.

They don't read your email - that is, a Google employee is not physically eyeballing your email. However, they do index it so that they can display what they think are targetted ads.

While I don't doubt that Google will do their best to store your data safely, this is a Beta service. Moreover, it's a Free Beta service. That being the case, I wouldn't rely on my data being taken care of with the same level of care that I would apply to my data.

Gmail is a handy service and I have a Gmail account. I also have a hotmail account. However, my day-to-day email needs are met my my own email server at home. I read my email across an encrypted session (with ssh) and I back up my data regularly. For me, that's secure.

Regards,

Liam

Peteee

snapscan1212p wrote:

As far as I can tell, it's very safe.

The one thing that worries me is that Google have already admitted that even if you delete a mail, it stays on their servers until it's overwritten.

This is what happens on a computer system anyway. If you send a file to the recycle bin and 'delete' it, nothing happens to the file, although windows will erase the 'pointer' to the file in its file system, and say that this bit of harddrive in now 'free' to be overwritten with new information.

Of course, they could just overwrite the 'pointed to' information with random 0's and 1's but........

And people who complain that their email is being 'read', get real!!

Its not only google who's doing it, how do you think hotmail detects spam or virii... by 'reading' the contents of the message!

/rant over

dbnavan

sorry to dig this up but .......A mate of mine claims that there is something in the Gmail usage policy that says they can publish stuff left for a certain amount of time on there server as it becomes google's property, is this true.

Tobias Greeshman

dbnavan wrote:

sorry to dig this up but .......A mate of mine claims that there is something in the Gmail usage policy that says they can publish stuff left for a certain amount of time on there server as it becomes google's property, is this true.

Not true, but read it for yourself: https://mail.google.com/mail/help/intl/en-GB/privacy.html#disclose

Unless you break the law and they are forced under law to give out your personal information. Or in the case where you breech one of their laws in respect to using their service.

Hobbes

Anyone who thinks that email is secure is kidding themselves. Unless your sending it encrypted it isn't that safe.

andy1249

The inventor / writer of the encryption software " PGP " ( pretty good privacy) spent years in prison in America for " exporting " this software abroad, basically the US considers any encryption tool stronger than 128 bit , a weapon !! I kid you not , and selling or distributing it abroad as a threat to US national security , so you can assume , that no matter what encryption you are using , that US national security can break it , so if you want to be private , meet up and talk very quietly !! Dont email !

hobie

this was on Eircoms news links today .... Google trying to protect 'search data' ..... it's not easy ....

http://news.bbc.co.uk/1/hi/technology/4731640.stm

MrPinK

GMail S/MIME firefox extension, for those who like to wear tinfoil hats.

andy1249 wrote:

The inventor / writer of the encryption software " PGP " ( pretty good privacy) spent years in prison in America for " exporting " this software abroad

No, Phil Zimmermann never went to prison. He was merely the subject of a criminal investigation, but the case was dropped.

andy1249

I beg to differ , According to Code by Simon Singh , the dude definitely did time !!

forbairt

andy1249 wrote:

I beg to differ , According to Code by Simon Singh , the dude definitely did time !!

Wikipedia is your friend...

Philip Zimmermann (born February 12, 1954) is the creator of Pretty Good Privacy (PGP), the most widely used email encryption software in the world. He was the first to make asymmetric, or public key, encryption software easily available to all. This led the US Customs to make him the target of a three-year criminal investigation, because the government held that US export restrictions for cryptographic software were violated when PGP spread all around the world following its 1991 publication on the Internet as freeware. After the government dropped its case without indictment in early 1996, Zimmermann founded PGP Inc. That company was acquired by Network Associates (NAI) in December 1997, where he stayed on for three years as a Senior Fellow. In 2002, PGP was acquired from NAI by a new company called PGP Corporation, which Zimmermann now serves as special advisor and consultant. Zimmermann is also a fellow at the Stanford Law School's Center for Internet and Society.

Hagar

If the Americans are prepared to "interrogate" people in Guantanamo Bay who have never be charged with a crime, I don't think they will have any scruples "interrogating" a server with your mail on it whether or not you have been involved in criminal activity.

Hobbes

andy1249 wrote:

basically the US considers any encryption tool stronger than 128 bit , a weapon !! I kid you not

Actually as far as I recall that law was dropped sometime back (during Clintons time if I recall).

esskay

I remember reading about an american student who got the 6 lines of perl code that made the core of the PGP encryption algorithm tatooed on to his body. The U.S. govt told him if he left the country with that tatoo he would be charged with smuggling weapons.

F.Y.I PGPfone can also be used to create a secure telephone line between 2 pc's, PGPdisk can make encrypted partitions in you HDD
Interested in PGP, download it from http://www.pgpi.org/

Also, Hushmail is a free encrypted mail interface worth looking at if your worried about security.

If your NOT worried about you mail/telephone calls being monitored, google "echelon" and see what you find :eek: or check out www.echelonwatch.org/

Encryption should be the standard, not the exception