Google responds to data concerns over cloud apps

Powered by SC Magazine
 

Plans on introducing HTTPS as standard to all users.

Google has responded to criticism that its online applications have poor security.

In an open letter to Google chief executive Eric Schmitt 38 computer scientists, law professors and security experts highlighted their concerns over the current state of security in the inline applications.

“Google’s default settings put customers at risk unnecessarily. Google’s services protect customers’ usernames and passwords from interception and theft,” the letter reads.

“However, when a user composes email, documents, spreadsheets, presentations and calendar plans, this potentially sensitive content is transferred to Google’s servers in the clear, allowing anyone with the right tools to steal that information.”

The letter, signed by such luminaries as Dr. Ian Brown from the Oxford Internet Institute, Jeff Moss (founder of the DEFCON hacking conference) and Brice Schneier, chief security officer for the BT Group, urges the company to make HTTPS an opt out rather than opt in service and increase the visibility of encryption services.

Google has been quick to respond to the criticism. In less than 24 hours the company had replied on the Google online security blog, with a promise to introduce HTTPS into all Google apps as soon as possible.

“We're planning a trial in which we'll move small samples of different types of Gmail users to HTTPS to see what their experience is, and whether it affects the performance of their email,” said Alma Whitten, a software engineer in Google’s Security & Privacy Teams.

“Unless there are negative effects on the user experience or it's otherwise impractical, we intend to turn on HTTPS by default more broadly, hopefully for all Gmail users. We're also considering how to make this work best for other apps including Google Docs and Google Calendar.”

Copyright ©v3.co.uk


Google responds to data concerns over cloud apps
 
 
 
Top Stories
Innovating in the sleepy super industry
There’s little incentive to be on the bleeding edge, so why is Andrew Todd fighting so hard?
 
How technology will unify Toll
The systems headache formed through 15 years of acquisitions.
 
Immigration breached Privacy Act with data leak
Pilgrim slams "copy and paste" of asylum seeker data.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  7%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 782

Vote