Slashdot Mirror
Forbes Reviews Google's Gmail [updated]
An anonymous reader submits "Forbes.com has what looks to be the first hands-on review of Google's forthcoming Gmail service. Aside from the 1-gigabyte storage, the searching features sound pretty useful for what the writer calls 'email packrats' which I think fits me pretty well. But I can't say I agree with the writer's opinion that privacy fears, as discussed this Slashdot thread, about the Gmail service are 'overblown.' Still and all, I'm curious to try it myself and see what I think." Update: 04/13 00:55 GMT by T : notEA writes "A California state senator is drafting legislation to block Google from releasing Gmail. Seems kind of silly, since all anti-spam filters read your messages anyway."
I think Google is being VERY forthcoming with information and making it clear what they do and do not do...
Why the uproar... if you're against having them sort your mail and deliver ads based on content, don't sign up!
With 1GB of storage, it won't be long until someone writes a perl script
to run backups to multiple Google accounts. The money I'd save on tapes
alone--wow!
E-mail is an inherently insecure medium. For the most part messages are sent in the clear, meaning almost no attempt is made to obfuscate the contents of a message from someone with prying eyes. All Internet service providers store e-mail on a server in order to deliver it to you. Technicians with time on their hands and lousy ethics can--if they want--read your mail. ...
Google insists quite clearly in its privacy policy that "No human reads your mail to target ads or other information without your consent." The process by which it pushes ads at its users is fully automated. Fears about privacy problems inherent with the Gmail service are, in our opinion, overblown.
All of the privacy fears surounding Gmail are based on Google breaching their own privacy policy, which would be an unethical violation of trust. But, since e-mail is unencrypted, every e-mail provider on the face of the Earth has the same ability to breach that trust, including MSN Hotmail, Yahoo, Earthlink, and whoever/whatever you trust your e-mail to.
So, when it comes down to it, the bottom line question is, do you trust Google to do what they say they're going to do? If you don't... just who are you going to trust to handle your e-mail?
If your tin foil hat is firmly on, you can't use e-mail at all. Most people will just not e-mail you rather than jump through security certificate hoops. That means their ISP's SMTP server could be logging everything that's sent from them to you, and you'd be powerless to stop that.
It's hardly a good review. It's descriptive of the features, but the author makes it a point to emphasize apparent facts. He dedicates one paragraph just defending the fact that 1 GB is good for you, as if there was strong opposition and people lined up with posters "Give me back my Hotmail 2 MB!" outside of Google's offices.
Then in two paragraphs he explains what "clear text" means, providing gratuitous analogies of your ISP techs potentially reading your e-mail.
Here're some more interesting first-hand experiences:
GMail review, about spam filters and all
Another review with screenshots
Review from a current user with pictures and information on ads
Mark Pilgrim, complaining GMail's JavaScript broke his Firefox shortcuts.
Even if Google is a "cool" company, I'm not so sure that I really want to let them have rights to my private information as their licence can be interpreted to give them.
Remember, Netscape used to be "cool" too. And Caldera. And so on and so fourth...
Then again, maybe McNealey was right and privacy is dead. What a wonderful world.
Dragging people kicking and screaming into reality since 1996.
Is everyone prepared for the 'oklahoma-land-rush style' name grabbing?
I'm sure there will be people who will try and speculate a few names for themselves and then sell them just like domain names.
I have a script that refreshes the gmail page daily to try and get a jump on my name but I don't have faith that I'll actually get it.
-- dK
Google:
No human reads your mail to target ads or other information without your consent
What about programs that target ads to you based on your email or ``other'' information? The way the article is worded infers that this is happening. What is to prevent google from coming up with human-readable statistics of what email messages a person or group of people are receiving or sending?
I wouldn't be surprised if this was the case with other email providers - especially ones that outsourced support to other countries.
Am I alone in thinking of hotmail or yahoo or google as the kind of e-mail you use when you have no better alternative? I can't imagine why anyone who can afford the price of an Internet account wouldn't prefer Pegasus, Eudora, or even Outlook.
Beyond that, I want my e-mail archives on my computer, not on some random server that I don't control. I want to know that I'm the only person who is accessing my files, and I don't want to wake up some morning and find out that the message that I desperately need to review is lost because of a server failure or DDOS attack.
Relying on a webmail system for your primary communications just seems foolish.
Three Squirrels
You must explicitly request Google by name to use their services. You can't be unaware of their existence like you can with Microsoft or Apple (comes with the computer).
Google does not surreptitiously install spyware on your system and record everything you do on your computer, requiring you to meticulously hunt down and remove its components or employ third party scumware removal utilities.
All you have to do stop using Google is to stop typing their name.
Switching to Google did not require a 15MB download, or a registration process, or a credit card. As the average joe, you've invested very little in Google, and you can replace them as simply as you can type a 4-8 letter word.
The only thing that keeps you typing their name is that you believe they're the best way to find the answer. Once you stop believing that, once a significant group of people become fed up, Google is finished. They know this, you should too.
In fact, type "search engine" and Google will tell you about altavista, lycos, excite, alltheweb, etc.
People are complaining because google is scanning their email with a computer. We have our private email scanned all the time, for viruses and for spam. In fact, many of the spam based filtering approaches look at the words and their structure and generate statistical models based on that for the purposes of identifying legit email from illigit.
So google will scan to add ads to my email. This info wasn't buried on page 200 in small legalese, but was in their FAQ! Google has been very forthcoming with how they will scan and store individuals email. Given that they are upfront about this, some of the privacy groups seem to literally have gone off the wall.
People say, ads are obnoxious in my email. Clearly you havn't used hotmail recently. They are in the frame and in the email! Google invented the unobtrusive ad.
Compared to the hotmail and yahoo accounts people will be coming from (have you read your SBC/Yahoo terms of service recently), it is hard to see how google will be so much worse for them, even from a privacy standpoint.
While the airlines are giving my flight info to private contractors to profile me so that I can't travel anymore, without telling me, google posts how they will scan my email to advertise products to me.
Personally, I couldn't care less about their mail scanning to associate ads. It's a free service.. Ad's are the cost of usage. If they can get legitimate advertisers and successfully achieve directed advertising, that's even better. I am much more concerned about transit and authentication security.
Some of the privacy areas that would be more valuable to me are:
- Ability to access securely. I am much more concerned about sniffers on public networks grabbing my data than google's software seeing it. Can I use a fully SSL encrypted session for mail access (rather than Yahoo's SSL authentication, then clear viewing of mail content)?
- Encrypted e-mail support? Open standards based e-mail encryption would be a major plus. If it was compatible with Mozilla/Thunderbird it would be extremely useful. Running a huge mail service that supported this could get enough momentum for average people to actually secure their e-mail. (The mail is then secured not only in transit, but also on the disk.)
- IMAPS / POPS support? I don't know if it will allow POP/IMAP support at all. But, if it does, SSL encrypted sessions are a must to avoid password and data sniffing.
Wonder how much I could sell a gmail account loaded with mp3s for on eBay?
Sunday you're Thinking Different, Monday you're a huge tool, paying too much and waiting to think like everyone else.
Don't forget that they're going to learn a lot about how to defeat various abusive strategies with their own record-keeping and creative ideas. They're going to have the world's best testbed for all kinds of new internet-related issues.
My guess is that they'll experiment with techniques to make sure it's a person, rather than a script. And they'll keep stats on how effective each technique was.
There will be so many interesting research opportunities for them. There are perks to being the world's largest provider of something (MS, Oracle, Google, etc).
It should be possible to use public key encryption with inspected outgoing and incoming email gateways to ensure email content privacy.
-Incoming SMTP Email
| Incoming Gateway encrypts plaintext email with User's public Key
- Encrypted Email
| Gmail Web based email server
- Encrypted Email
| User's Web Brower with Javascript decrypt. User supplies/cut-pastes private Key
- Decrypted Email only at user browser side
| User Reads and enters reply into text window
| More Javascript encrypts outgoing content using outgoing gateway's public key
- Encrypted Email
| Outgoing Email gateway decrypts outgoing Email
- Decrypted Email
As long as the Incoming and Outgoing email servers remain seperate,subject to inspection and undergo regular auditing, then the email stored on Gmail will remain unreadable to Google.
I think they started doing it when they saw the demand after the early Apr google announcement and people thought it was an april fools joke.
Disk space is so cheap this isn't an amazing size -- I get 10GB (email+web hosting) for $10/month.
What makes people think that Hotmail, Yahoo, and other free-mail providers don't intentionally or accidentally archive, parse, or otherwise "invade" their users' privacy to some degree?
In any event, as long as people are sending clear text email across the net, it's all being read and stored by _somebody_.
.sigs are for post^Hers.
Ummm, you realize this is true for ANY email service? Any mail server is hosted on a server can can go down or crash. In fact, I would trust Google or Yahoo or MSN more. They usually have clusters of servers. If one goes down, it is unlikely that the other 99 aren't going to go down. And they keep regular backups and such.
Now I can archive years of spam and show my grandkids just how easy it used to be to get
a) Viagra
b) Vicodin
c) A degree
d) A loan
e) Laid
Sunday you're Thinking Different, Monday you're a huge tool, paying too much and waiting to think like everyone else.
I trust google to not read my email... and I really don't have a problems with ads being displayed to me...
Look at Hotmail... in hotmail, If your mother or your wife is using hotmail, despite the content of the email, or her profile, she is bombarded with ads for singles sites, personals sites, and the occasional porn site... and that's being shown to your 16 year old kid too.
These ads are made to look like polls and chat boxes or survey forms to specifically increase click through....
but google, though it may parse your email, will display a relevant ad based upon the content of the email. This means your mother will be shown recipe sites... your daughter will be pointed to the Gap, and when you wife mentions Valentines or Mothers day to you, you will be able to instantly click through to redenvelope.com...
Possibly, it could be a life saver.
and honestly, if I never had to sort or search for an email again, Id be happy.
The Code Ninja is swift with his tool, precise in his delivery, and deadly accurate in his execution.
Bobb has every email he's been sent since 1996. It might be thousands of messages, maybe hundreds of thousands by now. His Eudora mailbox has been transplanted to two different computers and that's only in the time I've been here. He hates having to reboot his machine because it takes 20 minutes for Eudora rebuild the index. And worst of all, it's mostly useless, out-of-date crap!!! Every old, unimportant thing you could imagine--network monitoring alarms from the late '90's, 'see you in five minutes' type stuff, bounces, and spam, spam, spam... maybe 1% of this stuff has enough content to bother with. The rest? A distraction if not a hinderance.
please don't end up like bobb. prune that mailbox regularly! don't forget to wash behind your home directory, either.
http://diveintomark.org/archives/2004/04/12/dream
and here:
http://diveintomark.org/archives/2004/04/10/gmail
My favorite quotes:
That said, I have a gmail account and I think it looks great. Still, that's an awesome flame from Mark Pilgrim.
- "When you want something with all your heart, the entire universe conspires to give it to you" -Paulo Coelho
There's a reasonable likelihood that yourname@Gmail.com will still be working 5 or 10 years from now, when you'll really need the 1 gig for the accumulated emails. I'd put the probability of "these guys" being around 10 years from now at approximately zero.
Imposing Libertarian views on everyone online since 1992.
I'm somewhat skeptical on your figure of 200,000,000 (two hundred million) Hotmail accounts ... but, assuming that's a worldwide total and assuming that some small fraction of Hotmail users are abusing the service by using dozens or hundreds of mailboxes for whatever nefarious activities, I suppose it's a halfway plausible figure.
So let's assume, for the moment, that Google really plans to support on the order of one hundred million users. Your numbers clearly indicate that 1GB of devoted disk space per user would be unfeasible -- or at the very least, *very* costly to maintain. Happily, I don't think Google plan to go that route.
I would consider myself an average-volume email user, but after subtracting out the ~300 spams I receive daily, I probably get fewer than three dozen pieces of ham (valid emails) on a given weekday. Those messages have a very small average size (about 3kB) but we'll be charitable and assume that the average ham is 10kB in size.
So, the typical user (i.e. me) can expect to receive 360kB of mail in a day. At this rate one would expect that his 1GB of storage would be exhausted within a year. But emails are plain ASCII or Unicode text, which is very compressible. Google are of course very good at storing text in compressed-but-searchable form -- one might even say it's their core competency, alongside the PageRank algorithm. Given that emails consist of a large amount of redundant information such as headers, and that many list threads endlessly quote earlier messages, a user's entire mail corpus might be compressible by 300%. So we've raised our time to hit quota from one year to three years.
If Google are *really* smart, they'll identify mailing list messages and amortize the storage cost for a list message among all Gmail subscribers subscribe to the list. Since lists are typically the noisiest source of mail in my inbox (most messages and largest size), I would expect quite a bit of savings from this technique.
I haven't R'd TFA yet, but I actually have a gmail account.
My verdict: it's FAST, most everything seems to be done in javascript, much like Orkut. It's like night and day compared to yahoo, and no obtrusive slow-loading ads.
As for the privacy stuff, Brin is right- it's pretty much gone anyway, complaining about AdSense is just rearranging the deck chairs.. Especially when you sign up for a free email service- how do you expect to have privacy with a free email service? Run your own mail server if you want privacy.
microsoftword.mp3 - it doesn't care that they're not words...
I agree with you. They have shown themselves to be pretty honorable and trustworthy thus far.
The only problem is that I wonder how much of this will change after their IPO.
Right now they are a private company trying to build up. What happens after they issue stock and have report their earnings quarterly? Will they stick to their principles?
If you think even a few percent of Google's customers will come close to 1GB of email within the first few years then you overestimate the average email user. Even if they did, using an aggressive compression algorithm they can cut store a full account (1GB of uncompressed email) down by at least 50%, if not to 20-25%. Since it has to be email then it has to follow normal email encoding standards (7bit, base64 encoding for binary, etc)
I think the power users are those who will subscribe to lists that they want to use for reference, but do not actually read on a regular basis. And guess what Google will do with such a list message? They will likely store one copy on the server, and a pointer from every account which received that message - perhaps with a small diff file to recover address differences, etc.
In the end, hard drive space is cheap They can set up a fully backed up terabyte array for under $1000. That terabyte array will support thousands of 'average' users, and hundreds of 'power' users.
The biggest deal is the searching technology. To search all that they'll need several dedicated servers with their own indexes. Chances are email will be auto-indexed as it comes in so searches always seem fresh.
In the end it's not going to need even a few percent of your excessive estimate. But if it did, you know it'd be worth it since they'd have extremely exacting profiles on their users and the people they contact, and advertising that is so tightly focused can be nothing but profitable.
The concept of indexing each email as it's stored provides a powerful opportunity for spam filtering, compression, and copy storage. If two messages are 90% similar then they may be from a list, they may be spam, or they may be valid. Create a diff file, store the diffs on each account, store the 'main' message the diffs were created from, and file the messages into the spam holder or regular folding, tagging and indexing as you go.
The fact is that the more users they have, the more powerful this system becomes. I'm drooling just thinking about the possibilities... I wouldn't mind working for them, I think.
Of course, this is mad speculation, but it just makes sense givin that they are an indexing company. Their main product is not searching, but indexing. Searching is simply a by-product.
-Adam
I've read all your email and you've got nothing to hide.
paintball
This is being blown so far out of proportion. Seriously. As countless others have said, our email is scanned all the time by third parties for spam and viruses.
If you have concerns about Google scanning your email to place unobstrusive, sometimes-actually-useful text advertisements next to your email, then there is a solution. DON'T FLIPPING USE IT! That's all there is too it!
The thing that I'M concerned about is if they pull a similar move that Apple did with mac.com accounts. "Oh yah they'll be free forever", then two years later, once everyone is hooked on free @mac.com email addresses, they turn around and say they're going to charge $99 dollars per year. Excuse me? I dont think so. My mac.com email was my main email for nearly two years and as soon as they pulled that shit, I cancelled my account, bought my own domain, and now have free email for life. Apple was hoping that users would pay because they had been using that email address as their main email and wouldnt want to switch. Well it didnt work on me and yo should have read the mac message boards when this happened. People were pissed!
I do think Gmail is a cool idea. Being able to store a gig of email so you (as an average user anyways) never have to delete email and have the best search engine in the world to search through old emails is awesome. But what if their idea is to get you hooked so you wont ever want to give it up, then start charging a fee for it? Even though it is worth probably $100/year, I would tell them to shove their bill up their ass and move on. This is why I won't use Gmail.
Joseph?
All spam filters "read" your email. AOL, Hotmail, anything with SpamAssasin, any service with spam protection needs to "read" messages to analyze them.
Oh, and about this:
..."residual copies of email may remain on our systems for some time"...
They use computers with hard drives! They can't guarantee that data is completely shredded. I'm sure they're not performing a secure wipe of every sector containing portions of an email once it's deleted.
If you started looking, most of the privacy "concerns" with Google's service apply to almost any email service. It's a huge fuss over nothing.
-- If you can read this, you are too close to my signature.