Long-time Hawk Wings readers will know that Google and data privacy are an old hobby horse of mine. (Many interesting things about Google, privacy and data ownership are summarised in a earlier Hawk Wings post, “Turning your back on Gmail”.)

Gene at Fred’s house worries about it too.

He looks around his Desktop and sees Google This and Google That and Google The Other Thing. He’s becoming dependent on Google apps to get through the day. And each new, undeniably clever and good, constantly improving Google app adds to the amount of data that Google knows about him.

He has an idea:

I think I need a new Google product to drop into beta. That would be, let’s see, Google Data Privacy. GDP would allow me to review all of the information that Google retains on me across all services, from all devices, and from all sources. GDP would allow me to determine the maximum data retention period for each of my services. GDP would allow me to selectively opt out of cross-service data mining & correlation, even if it reduced the quality of the services I receive. GDP would allow me to correct any inaccurate data in my profile. And GDP would log and alert me when my data was queried by other services.

I want my Google Data Privacy.

Related posts

• Nine reasons not to worry about Gmail
• More on Gmail, privacy and data ownership
• Turning your back on Gmail
• Microsoft to launch a GDrive competitor
• Google, Gmail and privacy

GPGMail plugin users take note. According to a Hawk Wings reader, emails signed with the GPGMail plugin may not be as safe as you think.

He writes,

I thought you might like to know that there is a serious security flaw in the gpgmail plugin. I discovered the vulnerability a few weeks ago, though I’m not the first to do so.

The problem is that if gpgmail detects a valid signature for part of a message, it displays a notice to say that the message is signed, even if parts of it are not. As a result, it is possible for an attacker to add arbitrary data (extra text, attachments, etc) to a signed message and it will appear to the user that the whole message is signed.

There is more detailed discussion in the mailing list archives:

http://www.sente.ch/Lists/gpgmail-users/List.html

The username and password required to view the archives are “sente” and “sente”.

[Thanks, Nicholas]

Related posts

• NetShred X 3.17: Thunderbird, Camino support
• Encryption tutorial for Mail.app
• You’re invited: Outlook meeting plugin for Mail
• WideScreenMail plugin gets two-line preview
• WideMail 0.1.0: Real Widescreen Preview Column

NetShred is a stand-alone app that protects your privacy on the Internet by shredding the browsing histories, caches and deleted items of your browsers and email clients.

Of course, it supports Mail.app, Safari and Firefox. It even supports Eudora and Mailsmith.

A new version released today adds Camino (excellent! ), Shiira and Opera to that list. Thunderbird is now also supported.

It can erase and/or overwrite (not just delete) the following: browser caches, Internet histories, email trash, download caches, your quicktime cache, favicons and cookies.

NetShred X is a universal binary. It’s shareware (USD 19.95) and a demo is available from the developer’s web site .

Related posts

• Turning your back on Gmail
• Two great Mail.app tips
• Thunderbird and Mail.app compared
• Switching from Eudora for Windows to Mail.app
• Spam-busting: Mail.app and Thunderbird compared

Webmonkey has published the introductory chapter to PGP & GPG: Email for the Practical Paranoid by Michael W. Lucas.

It covers Phil Zimmermann’s first steps with PGP, the lawsuits with the US Government, the launch of OpenPGP, GnuPG, legal aspects of encryption and more.

A brief quotation:

The ideas behind PGP had been known and understood by computer scientists and mathematicians for years, so the underlying concepts weren’t truly innovative. Zimmermann’s real innovation was in making these tools usable by anyone with a home computer. Even early versions of PGP gave people with standard DOS-based home computers access to military-grade encryption.

UPDATE: Mirko posts a link in the comments to an audio interview with Jon Callas , CTO at PGP Corporation, who also explains the history of PGP. Thanks.

Related posts

• GPGMail 1.1.2
• GPG: Encrypting messages in Apple Mail
• Weekly Update
• Turning your back on Gmail
• Too much information? Spotlight, metadata, and privacy

Four interesting things from the world of email in general:

• ClickZ provides a brief overview of an email’s journey from the time you click Send to the message’s arrival at its destination.
• According to CNet News , a judge has ordered that a defendant needs to hand over all his email to the plaintiff. What’s interesting about this is that the defendant’s email is housed with Gmail. Gmail, you will remember, says in its privacy policy that deleted emails “may remain in our offline backup systems” indefinitely. “Delete it and it’s gone” doesn’t seem to apply with Gmail. That’s bad luck for the defendant.
• In The New York Times, David Pogue posts a funny email from Hotmail about how to deal with unwanted email from the provider. It runs, “Free Hotmail users: If you do not wish to receive Hotmail member letters, you may close your Hotmail account.”
• The New York Times also has an op-ed piece on Goodmail (registration required, but worth it) , the company that has been hired by AOL to provide “safe” delivery of wanted emails to its customers. There was a fair bit of coverage about this new “email tax” a few weeks ago.

Related posts

• MacFreePOPs 2.0: Webmail plugin gets auto-updates, goes almost universal
• Google, Gmail and privacy
• Why email stamps are a good idea
• Webmailer: Easily set webmail services as your default mailer
• Turning your back on Gmail

Some people worry about Gmail, data ownership and privacy. But not Nitin Jagga.

He provides nine reasons why concerns about Gmail are “bogus”.

Three of the reasons are actually Gmail features that have “entranced” him, but it is still a useful collection of the kinds of arguments that people will put in Gmail’s defence.

Is the argument convincing? Hmmm…..

UPDATE: As Christian points out in the comments, Nitin’s post is a word-for-word rip-off of an article by Tim O’Reilly published in 2004.

Related posts

• Turning your back on Gmail
• New Google Beta App?
• More on Gmail, privacy and data ownership
• Google, Gmail and privacy
• Yahoo!, Gmail, Microsoft email chiefs sit down to dinner