Slashdot Mirror
Forbes Reviews Google's Gmail [updated]
An anonymous reader submits "Forbes.com has what looks to be the first hands-on review of Google's forthcoming Gmail service. Aside from the 1-gigabyte storage, the searching features sound pretty useful for what the writer calls 'email packrats' which I think fits me pretty well. But I can't say I agree with the writer's opinion that privacy fears, as discussed this Slashdot thread, about the Gmail service are 'overblown.' Still and all, I'm curious to try it myself and see what I think." Update: 04/13 00:55 GMT by T : notEA writes "A California state senator is drafting legislation to block Google from releasing Gmail. Seems kind of silly, since all anti-spam filters read your messages anyway."
Go to www.spymac.com and sign up for 1G of free email
It's hardly a good review. It's descriptive of the features, but the author makes it a point to emphasize apparent facts. He dedicates one paragraph just defending the fact that 1 GB is good for you, as if there was strong opposition and people lined up with posters "Give me back my Hotmail 2 MB!" outside of Google's offices.
Then in two paragraphs he explains what "clear text" means, providing gratuitous analogies of your ISP techs potentially reading your e-mail.
Here're some more interesting first-hand experiences:
GMail review, about spam filters and all
Another review with screenshots
Review from a current user with pictures and information on ads
Mark Pilgrim, complaining GMail's JavaScript broke his Firefox shortcuts.
Spymac already offers free 1GB e-mail accounts without all the privacy issues of GMail. However, not everyone wants their email address to have the word 'mac' in it.
I went to college for this?...
Let's not get ahead of ourselves, here. You're not the first to invent this exploit, for certain. I am sure that Google has anticipated this, and will silently punish those that take advantage. I'm hearing that Spymac.com has offered a simliar 1GB storage email deal (also free, no less), and they'd have to be world-class idiots not to have some sort of protections in place to keep the system from being abused (I can't find their TOS, or I'd link it for you).
I think once GMail gets out of the gate, we'll see what clever method they have to keep the warez out. Maybe no binary attachments?
Auto-reply to ACs: "Truly, you have a dizzying intellect."
It should be possible to use public key encryption with inspected outgoing and incoming email gateways to ensure email content privacy.
-Incoming SMTP Email
| Incoming Gateway encrypts plaintext email with User's public Key
- Encrypted Email
| Gmail Web based email server
- Encrypted Email
| User's Web Brower with Javascript decrypt. User supplies/cut-pastes private Key
- Decrypted Email only at user browser side
| User Reads and enters reply into text window
| More Javascript encrypts outgoing content using outgoing gateway's public key
- Encrypted Email
| Outgoing Email gateway decrypts outgoing Email
- Decrypted Email
As long as the Incoming and Outgoing email servers remain seperate,subject to inspection and undergo regular auditing, then the email stored on Gmail will remain unreadable to Google.
I think they started doing it when they saw the demand after the early Apr google announcement and people thought it was an april fools joke.
Disk space is so cheap this isn't an amazing size -- I get 10GB (email+web hosting) for $10/month.
Ummm, you realize this is true for ANY email service? Any mail server is hosted on a server can can go down or crash. In fact, I would trust Google or Yahoo or MSN more. They usually have clusters of servers. If one goes down, it is unlikely that the other 99 aren't going to go down. And they keep regular backups and such.
Regardless of the "winner", it's clear that having google spend effort on this will drive up the cost of offering the service. One of the earlier news pieces quoted $2/user IIRC. There's no way this figure is going to stay at that if you also have to include the man hours needed to thwart all the possible abuses.
This doesn't mean google will stop offering the service for free. Maybe they'll have a "premium account" deal like other big providers. Maybe they'll increase the advertising dose. Maybe they'll just absorb it and hope to win it back some other way (hey, by the time yahoo and hotmail are drained of all of their paying customers, google can do whatever they please!).
In a way, this is just like how spammers increase email costs for everyone by overloading the servers and pipes. It is a liability which google is knowingly opening themselves up to.
I haven't R'd TFA yet, but I actually have a gmail account.
My verdict: it's FAST, most everything seems to be done in javascript, much like Orkut. It's like night and day compared to yahoo, and no obtrusive slow-loading ads.
As for the privacy stuff, Brin is right- it's pretty much gone anyway, complaining about AdSense is just rearranging the deck chairs.. Especially when you sign up for a free email service- how do you expect to have privacy with a free email service? Run your own mail server if you want privacy.
microsoftword.mp3 - it doesn't care that they're not words...
They also could have an admin-side interface to search any given user's account for any given keyword (since that search is already presented to each user) which they'd run when presented with a valid legal warrant.
The issue here is not whether Google *could* search a user's email for a keyword; we all know they can. The question is whether or not they *would*. The U.S. District court last year decided that the RIAA could not subpoena ISPs to reveal the identities of users who have violated copyright laws on the network. I don't see GMail being any different: since GMail is not involved in the communication, but merely the conduit for it, it's not responsible for the content, nor does it have a legal obligation to reveal the identity of a person using the service.
However, I also see 1GB of email storage being highly abused by the mp3 trading community, and as a storage medium. If copyright-infringing files are stored on Google's servers, it would be a different issue. But in that case, the authorities (meaning the police, not the RIAA) would be able to present a valid warrant and Google would have to turn over the contents of that user's account. No searching would be involved... just turn over all the data the warrant requests.
I can't think of a legal instance where Google would be required to search emails for keywords for the authorities, in order to, for example, look for child molestors or potential terrorists. That would be in clear violation of Google's privacy policy and several federal laws, and the authorities would likely have to come up with a specific name and a warrant.
For security, the MD5 hash of this message and sig is 09f911029d74e35bd84156c5635688c0.
"Sanity is not statistical", George Orwell, "1984"
I seriously doubt they will be able to block the emails generated by my scripts. How will they tell them apart from valid email, samples of which will be embedded within the data carrying emails?
They probably just won't allow POP access to the 1GB mailbox. It's going to be a webmail service. I seriously doubt you could write a perl script to store and retrieve data from tiny encrypted emails over a webmail service that would involve parsing thousands of html pages to filter out all the ads etc etc etc.
If you want to try good luck.
- PS. This is what part of the alphabet would look like if Q and R where eliminated.
I've been playing with g-mail for a few days, as I have a friend @Google who let me have a couple of e-mail accounts. Reading and composing e-mail can be made over https:, which is a huge improvement over my yahoo mail. No help on IMAPS/POPS. User names must be 6 characters - and my favorites were already taken. All employees were encouraged to invite 10 of their friends to join. With nearly 2,000 employees, they probably already have a lot of test users. I've already reported 5 bugs and a feature request...
As soon as they support an IM server (which works reliably with gaim,) I'll drop my yahoo mail account.
The U.S. District court last year decided that the RIAA could not subpoena ISPs [techtv.com] to reveal the identities of users who have violated copyright laws on the network.
It's probably nitpicking, but it is not "The" U.S. District Court, it is one U.S. District Court, specifically the Appellate Court for the District of Columbia. The legal decision is not binding on courts outside the jurisdiction of that court.
They've said that they're looking into providing POP access (I'd love IMAP, myself), and you severly underestimate what you can do with screenscraping. That said, I think they will experiment with a number of different limitations. Email-per day and bandwidth limits seem very likely.
Well, since as far as I know, Spymac and Google are the only ones so far to offer 1GB of email.
And "these guys", Spymac, might very well be around in 5-10 years. They have been around since at least 2001 (probably before that) and they keep growing- up to over 100K members now. In January, Spymac 3 was released and it was a huge upgrade.
Guess who besides Forbes sat down with Google last week? The Electronic Frontier Foundation. "EFF strongly recommends that Gmail users delete the Google cookie often." I wonder why this link wasn't considered by Slashdot?
Google will terminate your account in accordance with Section 9 of the Terms of Use if you fail to login to your account for a period of nine months.
Bottom of this page.
If you wish to contact the good Senator Figueroa about her proposed bill, you may E-mail her here: Senator.Figueroa@SEN.CA.GOV
"It takes a very long time to count to 2 in binary." ~'Fourlegged'
Do you think Google's internet search engine actually looks through the text? Of course not. It builds an index. Same thing will happen for emails. Knock out common words and an index of an email would be tiny compared to the full text.
http://twitter.com/onion2k