Slashdot Mirror
'Google Just Made Gmail the Most Secure Email Provider on the Planet' (vice.com)
Google announced on Tuesday that it would offer stronger online security for "high risk" users who may be frequent targets of online attacks. The company said anyone with a personal Google account can enroll in the new "advanced protection," while noting that it will require users to "trade off a bit of convenience" for extra security. Motherboard reports: The main advantage in terms of security is the need for a key or token to log in as the second factor, instead of a code sent via SMS or via app. This is much better because there's no way for hackers to steal or phish this key from afar (there have been isolated incidents of hackers using social engineering to gain access to someone's cell phone number by getting the provider to issue a new SIM card, for instance). Thanks to these new features, Gmail is now the most secure email provider available on the internet if you are worried about hackers breaking into your private correspondence. "This is a major step in the right direction in offering the same kind of protection available to high-profile figures to everyday people," Kenneth White, a Washington D.C. based security consultant to federal agencies, told Motherboard. "They have really thought this through, and while it may not make sense for everyone, for those that need it, it's a much needed option."
I specify that Congress should make broad legislation allowing a regulatory agency to select the most-appropriate, affordable, and effective technology of today; and today, that is the FIDO U2F Security key with RSA or ECC encryption. That's how I'm going to defeat identity theft once and for all.
Support my political activism on Patreon.
My job already requires smartcardauthentication for email.
And no Google spying & building a shadow profile for advertising.
Oh, and law enforcement does not have "backdoor access", at least not the way that I would interpret the phrase.
And you have what evidence for this? Unless you actually work at Google in a fairly technically privileged position you would have no way to know if they do or do not have backdoor access under any definition of the term you care to use. You would have to be daft to presume that organizations like the NSA or law enforcement agencies don't have or cannot get access to your communications with or without Google's permission. While you are correct that in general they would need to jump through hoops, there is substantial evidence to suggest that these hoops aren't much of an obstacle.
If law enforcement or other authorized agents of the courts present a valid and duly authorized document which legally compels Google to hand over your data, Google will hand over your data. If it's not correctly executed, is overly broad or has some other legal defect, Google will refuse.
No, Google MIGHT refuse at their discretion. You have no way to be certain of their behavior and you should adjust your own behavior accordingly.
If you have nothing to hide, you have nothing to fear?
Knowledge is power, and the more the government knows about you, the more power they have over you, and the less resistance you can provide against fascism, corruption, and other abuses of power. It's not just KGB-style threats and "tactical removal" of people who may present an obstacle to those in power (though the legal basis for "disappearing" people was put in place by the PATRIOT Act), it's also the more subtle manipulation of opinions and directing of actions in ineffective directions, as recently demonstrated by the highly targeted Russian Facebook ads.
Watch the population closely enough, and you can derail credible resistance long before it becomes a threat.
--- Most topics have many sides worth arguing, allow me to take one opposite you.