Slashdot Mirror
Gmail Commentary and Responses
Phil Windley writes "In his inimitable style, Tim O'Reilly tells us why GMail matters. The piece is entitled, 'The Fuss About GMail' but that doesn't begin to properly identify the real meat of what Tim's saying. Tim does discuss some of the privacy concerns on GMail and why he's not concerned, but he also breaks new ground on why GMail is not just another free email system. For example, Tim talks about how GMail might herald an era of large centralized computing and calls for APIs to allow GMail content to be move back and forth between it and other systems." Reader chris mansley writes "Google is quietly responding all the flak being given to their new email service. They have added a statement to quell the growing list of concerns. No more keeping email forever is at the top of the list. The reviews have been sparse on details and screenshots, but now Google is providing a sneak peek here and here." The only thing I didn't like about Gmail was their apparent intention to keep your mail forever, regardless of your wishes. Since they've now clarified that they don't plan to do that, it doesn't seem like there's much of a problem any more. Yahoo and MSN already link your searches on their respective engines with your account profiles on their respective free email services, and no one seems to care (maybe because no one uses MSN or Yahoo as a search engine these days, but still).
If you've got a trust-nobody mentality then what Google has to say means nothing, they're going to rip up their privacy policy and send every e-mail that goes through their system directly to John Ashcroft using their PageRank sorting technology to indicate which e-mails are most relavant to his desire to repeal every amendment in numbered order...
Of course, if you're sane, you trust Google because if they really wanted to screw the world over, they simply could decide that since their search engine is so good, everybody needs to pay $25 a month to keep accessing it... or decide to start logging all search queries to a user-specific cookie... or just take their bat and ball and go home. They've already got enough power to mess with us even worse than Gmail could be, and they've yet to be caught abusing any of that power or going back on their word.
That's how trust is really built... by letting them have the ability to screw up and seeing that they don't manage to do so. I'd certainly trust my e-mail with Google more so than I'd trust some of the other major "free e-mail" services out there.
Since that 1GB will quickly be filled with spam and nothing else. Let them search and index THAT!
All Hail Discordia. Hail Eris. Fnord.
If you don't like Google's terms/serving ads based on your email... don't use Gmail! It's really that simple, no need for extra laws. Let the free market decide.
Comment removed based on user account deletion
Which is a good point, right?
Google right now faces a huge issue: "spam" websites designed to bomb it's search engine.
The one common thing about all spam emails is that they have a link to a product page [unless they're *scam* emails, a completely different thing]. Google can use algorithms on mail that gets marked and checked as spam to nerf the page rankings of those webpages.
Why is this important? Because it gives people a free service, gives google advertising money, and has a huge benefit to the search engine.
The best filtering "algorithm" is 5 million users doing your filtering for you. Google doesn't have that right now, because they don't ask anyone to rate their web results. Google stands to gain a huge statistical advantage by incorportating email into their services.
(maybe because no one uses MSN or Yahoo as a search engine these days, but still)
Yahoo Groups
You'd be surprised how many people use it
Isn't this true? What is the difference?
I like this approach, it makes you think about what you say. Maybe some emails shouldn't be sent. If you have to worry about it, you shouldn't do it.
Jeoin
heck they plan on hardware failure, and if a box drops dead, they do not even pull it out of the line up until sometime the following week.
"It is a greater offense to steal men's labor, than their clothes"
I think they've clarified they privacy policy to a level that us geeks should easily be able to understand...
When you hit "delete", more often than not in computer land, your data is not immediately rendered unrecoverable. In most operating systems, deleted files are ushered over to a "holding bin" for a final clear-out command to really get rid of them in case we want to change our mind. Once the OS finally lets go of the file, the file system often takes the short cut of just removing the index pointers to the file and/or marking the space as "unused", but leaving the data still spinning on the drive until something eventually wants to use that space... let's face it, a "quick format" doesn't have time to hit every track on the drive, it's taking a shortcut and that's what makes it "quick".
So, really, they're just saying that in order to make their magical mega-system work, "delete" isn't going to mean "Expunge it all right away!" but simply "Put in the pile that'll be discarded the next time the garbage collection process comes by." Therefore, they'll need to keep your "deleted" e-mails for an undisclosed length of time... they don't intend on keeping it forever, although they have to word the privacy policy in a way that might be misread that way because to do less just wouldn't be being honest.
If you don't have root access to the e-mail system where you work, you don't really know if "delete really means delete" on that system either. Your boss may in fact have access to your e-mail... you might as well assume that they do unless you know otherwise.
Would be a killer feature. If they could sync my PDA with my Desktop with Thunderbird I'd be thoroughly impressed.
Y! has this functionality for Outlook only; and it's seriously flawed (tasks get truncated at like 20 characters or something - ugh!).
Google certainly has what it takes to pull this off right. Hopefully, they'll provide a way for developers to integrate with the gmail API with external apps (ala T-bird, etc).
You can bet your last dollar that MSNmail, etc will (or already do; I don't use MSN) offer Syncronzation with their desktop apps.
Don't think that a small group of dedicated individuals can't change the world. It's the only thing that ever has.
I'm really impressed with how Google has handled themselves since their inception. They have certainly been innovative, but most importantly they employ things that aren't seen enough in today's business world: openness and integrity.
I'm inherently paranoid (or, perhaps more appropriately, private) and always take things with a grain of salt - especially when it's coming from a business the size of Google.
That said, I don't blame Google for their desire to recoup costs by generating targeting advertisement. I'm very much impressed with how open they have been about the procedures they will use to actually target the ads. With this recent letter that so quickly and openly answers concerns made public recently, I'm happy to say here is a company that has been widly successful - all while being true gentlemen.
A good review can be found at http://jogin.com/weblog/archives/2004/04/15/juice
Here are a few reviews that I was reading
A moratorium around election time to end some of these shenanigans would be appropriate.
At least with an e-mail service, Google will be standing on two feet when this happens. People will want to check their GMail no matter what search they are using. Google isn't even close to the financial power of Microsoft right now, so it needs to prepare for the attack...
1. use a browser/email plugin that can automatically encrypt your email before sending it.
2. use a browser/email decrypter plugin to unencrypt your mail when you read it.
PGP as a form of encryption is commonly available. Theoritically possible but I am not sure how practical it is.
This way all the webmail programs do not know what is being transmitted/stored.
How about other applications that can use the 1GB of storage from gmail?
e.g. online filesystem - files stored as attachments to emails to yourself.
What else?
I have an early gmail account, and have used it a little.
The most serious concern is the privacy policy itself.
http://gmail.google.com/gmail/help/privacy.html
Specifically:
As a standard email protocol, when you send an email from your Gmail account, Gmail includes your email address and user name in the header of the email. Beyond this, we do not disclose your personally identifying information to third parties unless we believe we are required to do so by law or have a good faith belief that such access, preservation or disclosure is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or governmental request, (b) enforce the Gmail Terms of Use, including investigation of potential violations thereof, (c) detect, prevent, or otherwise address fraud, security or technical issues (including, without limitation, the filtering of spam), (d) respond to user support requests, or (e) protect the rights, property or safety of Google, its users and the public.
"governmental request" means pretty much they'll turn over any information withouut a subpoena. I suppose for a free service, you get what you pay for.
The big thing with GMail apart from its space, is google's name behind the search feature. A proper search function really appears to be lacking in pretty much every major email client out there, once you get into large volumes of mail (which if you are reading this, you probably are) searching the mail takes serious amounts of time.
One existing, non-web, alternative is Bloomba which has a *great* search function, even on high volumes. My email client is already indexing well in excess of 10K messages (folders cap out at displaying >5K, I have two of those) so I dont have a real count), and searches all take less than a second.
paul reinheimer
You can bet your last dollar that MSNmail, etc will (or already do; I don't use MSN) offer Syncronzation with their desktop apps.
Microsoft-owned Hotmail has been integrated into Outlook Express since the late 90s. A free msn.com address is nothing more than Hotmail by another name.
"governmental request" means pretty much they'll turn over any information withouut a subpoena. I suppose for a free service, you get what you pay for.
Just notice that the wording is in a negative mode at that point. They're listing situaitons in which they won't reveal information. They're not saying that they will hand over infomation to a weak government request... just that you don't get to sue them if they decide to so.
It all goes back to whether you trust Google to know the difference between a non-mandatory government request they should comply with and one they should turn away.
Well done Google.
Now lets turn it on and give it a try!
Makes you wonder what is next?
I want a Google watch!
last figures i saw showed approximately
40% of users use google
30% use msn
30% use yahoo
25% use aol
various others have smaller shares...
clearly some folks use more than one engine...
if google charged for search and they would suffer...
as original poster pointed out few complain about msn and yahoo cause they dont give a damn....hysterical ninnys will complain about just about anything so let em.
if you want free email from google, google will have the option of setting some terms...dont like em, dont use it.
move on.
With millions of mailboxes full of keywords such as "viagra," I couldn't think of a worse way to associate ads with a user.
You want Grandma to use a password-protected website or FTP server??!! Hang on...you want Jane User to set these services up??!
I suggest you get out of your cave and realise how the real world works. Jane User and Grandma User doesn't care for SSL/PGP/SFTP..etc. They want something that works and something thats easy - enter email and GMail.
If you want to mail sommat you don't want The Government to see, then use another method of mailing it.
I understand why people are a little freaked out by G-Mail, but really, if you need privacy, you shouldn't use ANY mail service that you aren't absolutely sure doesn't read email, and you should encrypt your message as plain text emails can be intercepted at any of the thousands of mail servers your mail will pass through.
-Derick
I can say that I trust them (the founders) pretty much totally. It probably had something to do with the posted signs saying "Don't be evil." All over the place. Its rule number 1. I also use gMail, and while I don't think its as amazing as people have made it out to be, its nice to not worry about inbox limits. If your still concerned about privacy think about this. They have your IP address and every search you've ever run, personally thats more revealing about me than most of my e-mails. Do they log them all in some huge scary database? No. But if you're paranoid enough to worry about bots reading your mail, you should probably think about that potentiality as well. -Ian
"If you've got a trust-nobody mentality..."
Then what the hell are you doing signing up to use a Free email service, or for that matter being on the internet to begin with?
If you do not trust google, then you really shouldn't trust hotmail or yahoo either.
3dinfo@maficstudios.com
You know what I think? I think the whole privacy issue is a "grassroots" campaign initiated, funded, and propogated by the one company scared spitless of Google: Microsoft.
My girlfriend's cousin's best friend's roommate in college reported that his brother-in-law (who works for Microsoft, so you know it's from a reliable source) tells me he "handles" the PR firm that is managing this whole campaign, to make it look like Google is a big, scary ursine terror, instead of the big fluffy teddy bear they really are. Microsoft has (to date) spent $1.2M buying advertising disguised as special-interest groups, "reporters" for major tech rags, and M&Ms for the office.
Really. Don't laugh at me like that. I'm serious. It's all part of Microsoft's astroturf campaign to discredit Google.
Microsoft is to software what Budweiser is to beer.
The thing to be a cross between web mail and a desktop email client: it is written in several hundred kilobytes of javascript.
If you look at the very first condition (a), you'll see that they explicitly define a government request as seperate from a "legal process", "law", or "regulation". Clearly, the act of obtaining and presenting a warrant or subpoena falls under the category of "legal process", which is identified as being different from a "government request".
As well, notice that that Google explicitly says that they will turn over personal information to "third parties". That could mean anyone-- your boss, your teacher, your parents, the RIAA, or even your Rabbi. The simple fact of the matter is that the only way to get privacy in e-mail is to run your own servers and only send and receive encrypted e-mail messages.
I'm not saying that Google is evil-- though they do admit that they will be more than helpful in providing anyone with your personal information if the request satisfies any of the above conditions which, in my opinion, are overly broad -- but I do think that any organisation that really cared about your privacy would have a simple policy: they would not turn over information unless the request was made through the legal process.
Is there any technical reason why you couldn't write some clever code that would allow you to mount GMail as a networked drive, just like Konqueror does with its multi-protocol support?
Files would be stored as attachments, along with a file allocation table of some sort. Send a mail to yourself to write a file; delete the mail to erase it.. but all totally transparent to you. It'd be a bit slow, but some clever caching/buffering could take care of that.
You could theoretically get it to span across several accounts to store files larger than a gig. Just add un/pw's to a config file to increase your storage capacity.
Even if they don't end up providing pop3/smtp, you can still just script the html sessions like YahooPOPs! does.
Jesus Christ on a pogo stick!
Do they not teach history at all any more?
I'm Alexander Ivanovich Ladyzhenski. I have nothing to hide; despite my noble origins, I'm just interested in my job, teaching mathematics, in my native land of Russian. In 1937, Ladyzhenskaya was arrested in one of Stalin's purges and in a show trial convicted, for his family's status as minor nobility, an "enemy of the Russian people" and sentenced to death.
I'm Dietrich Bonhoeffer. I have nothing to hide; I'm a minister and a theology professor. I'm just interested in being a good Christian, and keeping Christianity from being taken over by pagan practices in my native land of Germany. In 1943, Dr. Bonhoeffer was arrested by the Gestapo after his opposition to Hitler's racial policies and attempt to take over the German Church lead him to join a plot to assassinate Hitler. He was executed just three weeks before the Allied victory over Germany in 1945.
I'm Matthew Shepard. I have nothing to hide; well, except I'm gay, but I'll confide that to these two nice fellows I'm having drinks with in this bar. The two men Shepard was talking with, Aaron James McKinney and Russel (sic) Arthur Henderson, lured Shepard into leaving with them in their car. They then robbed, brutally beat, and tied Shepard to a fence, leaving him for dead. Found eighteen hours later, Shepard survived five more days before dying of his injuries.
The graveyards are full of people who "had nothing to hide" until a change in government or an encounter with thugs meant they suddenly found themselves outsiders and victims, members of some group considered "ok" to brutalize and oppress.
But of course, this is America, and it can't happen here, right? Matthew Shepard was just an exception, right?
I'm Fred Hampton. I have nothing to hide; I'm a member of the Black Panther Party fighting for civil rights and to end gang violence in Chicago. In 1969, asm part of is COINTELPRO program to suppress leftist dissent, the FBI provided the Chicago Police Department with the floor plan of Hampton's apartment. On December 4, police raided Hampton's apartment, firing automatic weapons. Hampton was found in his bed wounded by the police gunfire and possibly drugged by a police informant. From Wikipedia:
A later investigation found that of the one hundred bullets fired in the raid, the police had fired ninety-nine; the single bullet fired by a Black Panther had been fired in a reflex spasm as the man died.
But you have nothing to hide.
Opinions on the Twiddler2 hand-held keyboard?
he then continous:
1. Giving users a lot of space. Okay, this isn't rocket surgery. Disks have been getting cheaper for a long time now. Do you honestly expect to see other large (and even mid-tier) web mail providers not increasing their offerings to match or surpass those of Gmail? It seems like a no-brainer to me.
2. Proving virtual folders, conversations, search-based message lists, or whatever you want to call them. So we've got threading (not new) plus virtual folders (not new) in a single mail interface. Well, stop the presses! It's amazing to think that no mail clients have offered this functionality in the last 5-7 years! Oh, wait. They have.
3. Adding context-sensitive ads to your mail. Yippie! I'm gonna switch right away so I can start seeing SPAM that I cannot filter even in my previously non-spam mail. Sign me up!
see http://jeremy.zawodny.com/
-- for undocumented cisco commands, take a peek @ dotu
Gmail doesn't block attachments other than executables (like the 30 .pif viruses you get every day).
Non-executables (zip, jpg, doc, html, gif, pdf, etc.) are accepted just fine, and the per-message limit is 10 megs.
Kevin Fox
Without POP and SMTP support, who really cares? I don't have time to check 50 emails a day on a web interface.
For web email I use mailvault, and for real email I use gmx, which still gives you free POP3 and SMTP.
I am getting tired of the line "big companies have to be evil because they only care about profit". Let the evil companies sell crack to help their bottom line, let me support companies like Google who gives me something in return.
bring it on! --- JFK
Generally, the files I want to backup are only the documents I create (I'm a writer). There are not that many that I generate a week, they're not big compared to things such as mp3s, and they compress well. But I'd like to have a means to automatically backup my work easily and safely.
It should be easy enough to write a script that zips up all document files in specified directories and mail it to my Gmail account as an attachment. Of course, you could encrypt it if you want more security. Then set up the script to be run once or twice a day. It should be easy enough to make most backups to be incremental with only the recent changes, and every so many days make a full backup.
Of course, using Gmail for backup depends on the reliabilty of Google, and it's quite possible that if things go wrong in Gmail, you may have no means of recovering the email with the backups. So, having an alternative place to store the backups on occasion would be a good idea. Maybe Hotmail and Yahoo mail could be used for that.
I've had a beta account for about a week now, and ironically enough I find the search feature the most lacking.
You can only do whole word searches... if you want to search for emails from your friend Bob Chuzzlewit-Pumblechook, and you have ten friends named Bob, you can't shorten your search by searching for "Chuzz", as that will return nothing.
Kind of ironic, since on any other email client you can search for partial words.
We need to trust Google, and others with similar promises, to progress with our interconnected infosphere. In order to trust people with material this valuable, we subject them to audit. We audit banks, we audit factories, we audit farms, we even audit gameshows. We need to audit Google. Google needs to be auditable. Their source code, while proprietary, needs to be audited by an auditor without other financial interest in Google, unlike the Enron/Anderson incest. And who audits the auditors? Other auditors - like a web of psychoanalysts, or peer-reviewing scientists, the web of trust must be at all levels, and open to verification on demand.
--
make install -not war
Storing a unique user ID is not an indispensable part of "nature of cookies"! It's a common approach for maintaining user sessions, but that does NOT mean that any use of cookies must somehow involve assigning unique ids to users.
Specifically, user id is absolutely not needed to store location/language information.
Using unique id to track user's sequential searches is a pretty obvious application (e.g., to know which ads would interest her), that's why some people are getting paranoid about it. It's something like library keeping a record of all the books you've read. Surely, usually, most people wouldn't care, but the privacy issues here definitely exist.
I use Google's search toolbar constantly. After a few days of using Gmail, I feel like Google is doing their best to make me even more dependent on searching (which in turn makes me dependent on their company).
The "Search Mail" box is always at the top of your page, on any screen, and since Gmail encourages you not to delete anything, the Search box becomes the easiest way to find stuff. (If there's a way to sort alphabetically by sender or subject, I haven't figured it out.) I think if I used Gmail regularly, it would make my brain even more more search-reliant in my daily life. It's one thing to have a cookie on my computer, but it's another thing to feel like they're messing with my brain. THAT is a privacy concern.
Last night i had a dream that i was checking my email, and my unused space on my account said 990 MB free!
Finally a dream that might come true!
-John Fenley
One good thing I see that can come out of this is our ability to use Gmail to Mirror GNU content, because their server farms wouldn't be bogged down as easily, and it's free as in beer, they can go ahead and save as many copies of the programs as they want, doesn't invade my privacy