Gmail Confidential Mode is Neither Secure Nor Private (protonmail.com) 67

Even though Google launched confidential mode over a year ago, people are still confused about what it does. Is it actually secure or private? Is it encrypted? From a report: When you turn it on, does it prevent Google from reading your messages? The answer to these questions is 'no.' In fact, the decision to call it "confidential" suggests a level of security and privacy that doesn't exist in Gmail confidential mode. Gmail's confidential mode does not mean your messages are end-to-end encrypted. Google can still read them. Expiring messages aren't erased for good, and the recipient can always take a screenshot of your message.

Gmail's confidential mode does not make emails private because Google can always read them. When you send an email with confidential mode turned on, Google keeps the email contents on its servers. Other Gmail users can read the email in their inbox, but outside users only receive an email notifying them that a sender "has sent you an email via Gmail confidential mode" along with a link to a page on google.com.

  • by Anonymous Coward

    A lot of companies use something like SendInc. It's almost identical to Gmail Confidential. It allows you to address a message, attach files, and then send it to another user. The recipient can open the SendInc message, download attachments, and print stuff. When the message expires, the recipient can no longer access it to download attachments or print the message.

    It makes it handy for sending things like patient xrays to a new dental office for example. It's an easy way to transfer records without us

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      It does everything above, except it prevents you from downloading/accessing attachments or printing the message

      I bet it doesn't.

      I bet it just makes the process to do so a lot more annoying.

    • by Anonymous Coward

      Why use insecure e-mail when you can use secure email instead? My e-mail is secure ... why isn't yours? Oh, because you do not have e-mail ... you have someone else's computer system calling itself e-mail over which you can exercise no control. Got it. I understand perfectly.

      You think all e-mail is insecure because YOU have chosen INSECURE E-MAIL for yourself and assume that everyone else did as well.

      The pox on you, moron.

    • except it prevents you from downloading/accessing attachments or printing the message.

      This is completely and utterly wrong. If a browser can display information, that means it is downloaded to the recipient's computer. Whether the user can use the data in a way that was not intended depends on his/her personal abilities.

      That is also why Anonymous Coward feature in /. is wrong and harmful. No computer professional or a geek or anybody with any claim of technical competency can write a message that wrong this recklessly with their name attached.

      • Pegdhcp, your parents were really strange to name you that. I've never seen anybody named pegdhcp before. Is it Latin? It doesn't seem Japanese, I took two semesters so I know what a Japanese name sounds like. I suppose it could be Portuguese...

        I hope you get my point. AC mode is for the karma system. It has very little to do with actually being anonymous, because unless you actually signed up under your name and post your email in your sig, you're still anonymous on the internet. Nobody knows who the hell

        • Sorry to bother you sire in your slumber. These days most AC messages are either swastikas, insults on several racial minorities and clueless IT commentators. GP is in the last category I believe, you naturally are to your opinion, and I really thank you for expressing them with your actual username whatever you choose it to be.
  • Gee, if you have to ask that question you must have been living in a cave for the past few years. Do you really think that any privacy setting that google (or Facebook, for that matter) provides to its users will affect the ability of google (or Facebook) to slurp up all your data? Really?
    • by gwolf ( 26339 )

      Well, in mobile instant messaging platforms (think Whatsapp/Telegram), the client installed in your device *does* encrypt messages to the recipient device's key — Whatsapp is owned by Facebook. So, yes, it *could* mean it is confidential if a similar arrangement were to be used. Of course, it is not the case.

      • }}} Whatsapp is owned by Facebook. {{{ --- True. I was speaking of Facebook proper and the new "privacy" push it is going through, not the subsidiaries. With Whatsapp - how do you know there are not multiple decryption keys available, a.k.a. a back door? Is the app open source so you can see what is going on inside of it?
        • by gwolf ( 26339 )

          No, you cannot be sure. And no, I don't blindly trust or endorse them (nor Telegram, FWIW) - I'm replying to your previous comment. It _could_ affect the ability to slurp your data. It just _does_ not.

      • It would also be entirely possible for Whatsapp to send themselves the encrypted key as well, and then they'd also have full access to the texts. Seems a bit absurd to me, but definitely within the realm of possibility.

    • by gweihir ( 88907 )

      Some people do not understand how the technology works, hence they may believe such a thing. Let's just say this is not going to happen. The only thing that Google really makes money on is targeted ads. These require data and there is no way to prevent Google from seeing things that are on their servers.

  • by Merk42 ( 1906718 ) on Friday June 21, 2019 @11:20AM (#58799718)
    TFS just mentions what it doesn't do. I know I'll get a bunch of "LeTs GoOgLe SeLl YoU aS a PrOdUcT" type responses, but what difference does confidential mode make?
    • by gwolf ( 26339 )

      It breaks interoperability.
      With confidential mode on, Gmail messages that non-Gmail users receive will just be a link to an autogenerated Gmail webpage. In order to read the message, you will have to follow the link.
      So, goodbye to offline mail reading.
      Goodbye to mailing lists (and, of course, their archives).
      Goodbye to me being able to archive my mails however I see fit.
      I hope they backpedal. They might achieve killing email as a multitenant, interoperable communications medium.

      • by gweihir ( 88907 )

        Interesting. That sounds like they want to essentially lock out non-Gmail-users. If I ever get such a message, I will probably simply ignore it.

    • }}} but what difference does confidential mode make? {{{ --- It provides the illusion of privacy for those who read and believe marketing materials?
    • by Jaime2 ( 824950 )
      It's the equivalent of what other companies refer to as "secure email". It guarantees that direct access to the content is done over encrypted communication, and provides some level of tracking. It also is more difficult for a third party to read the content in transit than traditional email, while being easier to use than S/MIME. Any other inferred security or privacy doesn't exist.
    • by GuB-42 ( 2483988 )

      - The email self destructs, a bit like Snapchat.
      - You can require the recipient to enter a code that is sent via SMS.
      - Copy, Forward, etc... are disabled.

      It is not at all the same purpose as end-to-end encryption à la ProtonMail. It won't do much against big, distant threats (state actors, police, hackers, ...) but it can be effective against small, close threats (significant others, coworkers, friends, family, ...).

      Examples:
      - "Bob, you are invited, but don't let Eve know". Here, Eve is Bob's girlfriend,

    • TFS just mentions what it doesn't do. I know I'll get a bunch of "LeTs GoOgLe SeLl YoU aS a PrOdUcT" type responses, but what difference does confidential mode make?

      https://support.google.com/a/answer/7684332?hl=en

      Which, BTW, clearly explains what it doesn't do as well as what it does, and quite a bit more succinctly and clearly than the protonmail article.

  • >> "In fact, the decision to call it "confidential" suggests a level of security and privacy that doesn't exist in Gmail confidential mode."

    When you talk about what something "suggests" you have long left the realm of fact ...

    But this claim is prefixed with "in fact".
  • It's shocking I tell ya!!!

    People saying one thing but doing something else instead... Google has learned from the politicians that this is very possible and a solid game plan.

    Politicians have been promising the sheeple for a long time that they will solve their problems if they vote for them, and when they get into office, they turn right around and do the opposite. And the people just keep voting for them... and when you call out these morons they come up with every excuse they can think of for how they a

  • by Anonymous Coward

    "I can shit in a box, and mark it guaranteed, trust me, I've got time, but until then, why don't you buy a quality product from me?"

    • People don't understand how valuable this lesson is. Even when they think they know that a warranty/guarantee/promise is only as good as the company backing it up they still blindly trust the words placed on boxes that are clearly intended to deceive.

  • Really, this is news? Do you not know how Google works?
  • Does not surprise me. That company has an immoral business model and increasingly (excellent!) a problem justifying it.

  • "Studies have shown that the con part in Gmail confidential, is switched on."

    • This is a problem with morons not understanding what words mean.

      Confidential is an adjective. Just because you call something confidential does not mean that all of a sudden there is security being performed around the document. It just means it is confidential. If the person or system handling it does not care if it is marked as confidential it means nothing for them.

      Confidential mode is just a mode, it is the ignorance of the people themselves to "assume" that it "suggested" that additional security or

  • We do NOT have our software set up correctly. Right now, anybody can read just about any/all emails, text, IM, etc. And in general, few in the west really care. So, now we think that simply passing a law that blocks American gov from looking at this without a warrant will take care of everything. NOPE.

    America (and ideally, other nations in the west) need to pass a law that says the government can read/copy/use any publicly available data, otherwise, they need a warrant. The means that if you send cl
  • by fahrbot-bot ( 874524 ) on Friday June 21, 2019 @12:14PM (#58800074)

    If you receive a "Confidential Mode" Gmail notification, read the email and reply to the sender that any further Confidential Mode emails will be ignored and that you only accept regular (i.e., non-Confidential Mode) email.

    Personally, I use Thunderbird on my desktop to POP my mail and only log into Gmail periodically to empty the Trash.

  • by WoodstockJeff ( 568111 ) on Friday June 21, 2019 @12:37PM (#58800286) Homepage

    "... but outside users only receive an email notifying them that a sender "has sent you an email via Gmail confidential mode" along with a link to a page on google.com."

    That describes a large percentage of the phishing emails that come in to us. "Please review the message on onedrive/dropbox/googledocs and respond." "PersonYouDoNotKnow has sent you a secure email, click here to view it."

    Our system has filters to reject the common file sharing sites, including google.
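
A sketch of the kind of filter the comment above describes, as an added example that is not the poster's code: it pulls link hosts out of a message and rejects mail that points at a blocked hosting site, matching on hostname label boundaries rather than substrings. The blocklist, function names and sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from urllib.parse import urlsplit

# Assumed blocklist built from the services named in the comment; not the poster's list.
BLOCKED_SUFFIXES = ("google.com", "dropbox.com", "onedrive.live.com")
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def link_hosts(raw_message):
    """Return the lower-cased hostname of every http(s) URL in the text parts."""
    hosts = []
    for part in message_from_string(raw_message).walk():
        if part.get_content_maintype() != "text":
            continue
        payload = part.get_payload(decode=True) or b""
        text = payload.decode(part.get_content_charset() or "utf-8", "replace")
        for url in URL_RE.findall(text):
            try:
                host = urlsplit(url).hostname
            except ValueError:  # malformed authority, e.g. a broken IPv6 literal
                continue
            if host:
                hosts.append(host.lower().rstrip("."))
    return hosts

def on_blocklist(host):
    """Match on a label boundary so 'notgoogle.com' does not count as google.com."""
    return any(host == s or host.endswith("." + s) for s in BLOCKED_SUFFIXES)

def verdict(raw_message):
    """Return 'reject' if any link points at a blocked hosting site, else 'accept'."""
    hosts = link_hosts(raw_message)
    return "reject" if any(on_blocklist(h) for h in hosts) else "accept"

# Constructed sample messages; the hostnames and paths are placeholders.
HEADERS = "From: sender@example.org\nContent-Type: text/plain; charset=utf-8\n\n"
NOTIFICATION = HEADERS + (
    "Sender has sent you an email via Gmail confidential mode.\n"
    "View the email: https://placeholder.google.com/view?id=CONSTRUCTED\n")
LOOKALIKE = HEADERS + "Invoice attached: http://notgoogle.com/invoice\n"
PLAIN = HEADERS + "Lunch at noon? No links here.\n"

if __name__ == "__main__":
    for name, raw in (("notification", NOTIFICATION), ("lookalike", LOOKALIKE),
                      ("plain", PLAIN)):
        print(name, verdict(raw), link_hosts(raw))
```
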

  • Confidential is for when you want to search for information about Cardi B but don't want to see news stories of her showing up for weeks afterward.
  • If you do NOT trust me, then why would I want to read your email?

    All I want from confidential-mode email is to bounce it. As soon as I've made a permanent copy, of course.

    Seems to me like this is a gigantic opportunity for someone else to offer a better email alternative. They don't have to copy all the features of Gmail. The option to bounce confidential-mode email would be worth about 50 trivial features.

    By the way, I'm betting this obvious statement is not included in the Slashdot discussion: The obvious
