back to article Google pries open YOUR mailbox, invites developer partners

Google's announced a grand plan for email that involves letting World+Dog write apps to access your inbox, just so long as you've given them permission to do so. Hailed by some as “replacing IMAP” (good luck with that, Google, if it's your aim), the new Gmail API is more prosaically outlined by the Chocolate Factory's Eric …

COMMENTS

This topic is closed for new posts.
  1. Neoc

    Oh Problem? Where art thou, Problem?

    <<The Wall Street Journal says, for example, that “A travel app, for example, could scan your email inbox for booking confirmations and automatically compile them into an itinerary. An expense app can dig through your inbox for receipts and automatically file them to your cloud-based account.”>>

    Funny, TripIt already does that with my emails and doesn't require a new protocol. Yet another Solution looking for a Problem.

    1. Anonymous Coward
      Anonymous Coward

      Re: Oh Problem? Where art thou, Problem?

      Google have now reached the Feature Creep Event Horizon.

  2. Magani
    Big Brother

    OK, Google

    Where is the button that says, "Not only 'No', but 'HELL, NO!'"

    Is the NSA writing APIs for Google now?

    1. big_D Silver badge

      Re: OK, Google

      No way, no how.

      Luckily I never use GMail for anything private or business related.

      All flights etc. are booked through the company, so I only get a confirmation email from the travel department to my company mail account.

      Expenses? I've never had any expenses receipts delivered by email.

    2. This post has been deleted by its author

      1. Jordan Davenport

        Re: OK, Google

        If you have your social security number or banking information in plaintext in something as insecure as email, you've got bigger troubles. Just about anyone in the middle of the transit can view the data contained within an email.

  3. codebeard

    Google gets permissions wrong again!

    No doubt after a few years, Google will take these 4 permissions and just roll them into 1, just like they have recently done with Android.

    Google just does not seem to understand the idea of privacy.

    It's enough for me to give all my email data to Google. I don't want to share every email I've ever had with third parties.

    I would only use something like this if:

    1. Users could override the permissions. If the app wants full access but I only give it read-only access, it can ask me nicely to increase permissions, but otherwise it should do its best to function anyway.

    2. I could optionally set per-label permissions. So I could give an app full-access to emails labelled with "Newsletters" or something. Alternatively, an app could ask for permission to access emails matching a specific search query (e.g. "from:*@appcompany.com").

    3. It were possible to see how much data the app had requested and how often, as well as the last N emails it has fetched.

    1. Neoc

      Re: Google gets permissions wrong again!

      Download "App Ops" from the Play store. Depending on your version of Android it provides access to the permission manager.

    2. Anonymous Coward
      Anonymous Coward

      Re: Google gets permissions wrong again!

      It's enough for me to give all my email data to Google. I don't want to share every email I've ever had with third parties.

      At some point a company reaches a limit on how much they can monetize you without selling your information to third parties. Perhaps Google is reaching that limit, and trying to Zucker people into giving up their privacy.

      1. Anonymous Coward
        Anonymous Coward

        Re: Google gets permissions wrong again!

        Then you need to learn to read.

        Google privacy policy not only prevents this, but this api doesn't offer this without your express permission either.

        1. Anonymous Coward
          Anonymous Coward

          Re: Google gets permissions wrong again!

          "Google privacy policy not only prevents this, but this api doesn't offer this without your express permission either."

          Yeah, because every bit of android software is legit?

          Do you want "PostaPic" to access your email?

          99.9999999999% will blindly choose yes.

          Oh look here are your banking credentials, your website credentials and every bit of confidential information whizzing it's way to Russia or China.

          1. Anonymous Coward
            Anonymous Coward

            Re: Google gets permissions wrong again!

            I hadn't thought of that, but since these days many people never delete emails, they will have emails that contain years worth of sensitive information.

            What's worse I think is the outgoing email. Now that no one faxes anymore, everyone blindly sends PDFs with sensitive information like SSNs, bank account numbers and who knows what else, and it sits in their email outbox essentially forever on GMail, since Google provides tons of storage because they don't WANT anyone to ever delete anything!

            Even the rare people who use encryption aren't protected, since the copy in your Sent Items folder is unencrypted!

    3. Thorne

      Re: Google gets permissions wrong again!

      "Google just does not seem to understand the idea of privacy."

      Of course not. They're a search engine. Privacy to them is nothing but a long line of stupid court battles dredged up people looking for either a quick buck or trying to hide from the stupid thing they did in the past.

      If technology stopped every time someone squealed about privacy issues, we'd still be in caves. There is no privacy anymore. Mobiles track your location. People plaster facebook with updates every time they take a dump. Every retailer tracks the spending patterns of consumers. The government keeps all your financial records. Security cameras are everywhere.

      What privacy is left?

      Privacy died years ago. All that's left is anonymity.......

    4. James 51

      Re: Google gets permissions wrong again!

      This is one thing I like about blackberry apps. If they ask to be able to access ID info, GPS and BBM I can deselect those and the app will still work.

  4. Anonymous Coward
    Anonymous Coward

    There truly isn't anything as evil as Google

    Made all the worse because like all who fall under the Price of Darkness' spell, they delude themselves into thinking they are actually doing God's Work.

  5. Tree

    truly EVIL!

    Gurgle wants to know everything about you, but NOT to help you. If you let this happen, you are screwed.

  6. Mark 85 Silver badge

    CRUD?

    I think that pretty much sums it up... and not the acronym either.

  7. Chairo

    I wonder

    in which component of Android this API resides? If it is part of the gmail process, it should be possible to disable it in the App Manager and use an alternative mail app (like K-9), instead.

    1. Neoc

      Re: I wonder

      @Chairo: It won't (just) be in Android - If Google are planning on superseding the IMAP API as stated then it mean that any email account you hold at Google (via gmail.com or your company having parked their mail server there) will be accessible via this API. Although I'm sure they'll squeeze it into the Android mailing client so that your non-gmail letters can be perused.

  8. Turtle

    Yes Indeed.

    "Designed to let you easily deliver Gmail-enabled features, this new API is a standard Google API, which gives RESTful access to a user’s mailbox under OAuth 2.0 authorization. It supports CRUD."

    No surprises there.

  9. Anonymous Coward
    Anonymous Coward

    Sorry

    I don't see the point you are trying to make. How is this different from any other email app having access to your email inboxes?? Can't said app send messages, delete messages, etc? And can't said app technically query all your emails and scan them?

    1. Anonymous Coward
      Anonymous Coward

      Re: Sorry

      The difference is that Google weren't able to implement IMAP correctly, so they're creating their own custom interface instead.

      In these days of Compuserve2.0, we can't have users accessing their own information over industry-standard, time-tested, standards and protocols. Custom, proprietary, vendor-specific protocols are the order of the day.

  10. adnim
    Unhappy

    In the year...

    In the year thirtyfive thirtyfive twenty - one nine

    Ain't gonna need to tell the truth tell no lies

    Ev'rything you think do and say is in the pill app you took ran today.

    In the year fiftyfive fiftyfive twenty twentyfive your arms are hangin' brain is limp at you you're dead inside side

    Your legs mind's got nothin' to do

    some machines doin' that for you.

    1. Paul Crawford Silver badge
      Thumb Up

      Re: In the year...

      Well played!

    2. chivo243 Silver badge
      Happy

      Re: In the year...

      Are you Mr. Zager or Mr. Evans? Well Played!

      1. adnim

        Re: In the year...

        Ty both, I am just an old school cantankerous old bastard that will never ever give up my privacy and freedom to choose.

  11. Mitoo Bobsworth
    Happy

    Help yourself...

    ...& enjoy my junk mail account.

  12. Jean Le PHARMACIEN

    Time to drop Gmail?

    I use my Gmail account for Google related stuff only. Looks like it's definitely going to stay that way - really don't find handing the keys (that permissions stuff is far too lax for some 'enterprising' developers...) to my box to other apps that appealing. If Google are going to tweak the Android Gmail app to give access non-gmail accounts - that'll be the nail in coffin of the Android Mail app.

    So, K9 mail [or similar] + non-Gmail email accounts in future? Perhaps I'll stick to my Orange email account as they don't spaff its access to all and sundry, Ahhh...er ...wait....

  13. Dan 55 Silver badge
    Facepalm

    So basically just like giving out your IMAP password then

    Add some pointless permissions like Android, loads of developers will ask for all of them, loads of users won't care anyway.

    Maybe Google will flick the switch one day and charge for access to the API once they have reached a critical mass of users, like Maps.

    1. Badvok
      Thumb Up

      Re: So basically just like giving out your IMAP password then

      Yep, or your POP3 password, but keep it quiet or you'll upset all the people who like having a dig at Google no matter what they do.

  14. Gis Bun

    Errrr

    Now I know why I don't use anything from Google [where possible]. Add to the fact that Google electronically reads your mail so it can place ads in the Gmail pages that uses key words that came from your mail.

    And now this.

    Remember when Google cheated by creating a Google+ account automatically when you created a Gmail account? Few didn't even know their life was showing up in a Google+ page.

  15. earl grey Silver badge
    Unhappy

    GMAIL - it kicks your junk to the kerb

    Thanks, but no thanks. The government takes care of that for me.

  16. uncle grumpy

    you get what you pay for

    Well, it is free.

    And using it is not required, yet.

  17. Jim Birch

    Luddites of the world unite.

    Seriously, isn't this just enabling the kind of intelligence that is appearing everywhere and will become completely normal in a decade or two. Do you really think that in 2010 people will still be using email as a paperless version of a box of quill and ink mail kept under the bed? Seriously?

    It worries me that people will hand this kind of access out blithely, but that exists? No.

  18. OmgTheyLetMePostInTheUK

    WE ARE GOOGLE! You trust us! hehehe hahahahaha

    I use Google a lot, and have for a long time. I've used Gmail exclusively since it was an early beta. I use Google Docs, Google Sheets, Google Drive, Google Maps, and probably half a dozen other things that dont even come to mind right now. Some I use on a daily basis, others much less frequently, but I use Google for more than another any other online service. Well, aside from online games anyways.

    I think that kind of means that I have over the years come to embrace many online services. But no matter how hard I try, I simply cannot see any benefit to letting Google or anyone else read my email. I mean after years and years of Goggle screaming that NOBODY is reading YOUR email, now they are going to let any Tom, Dick and Harry that claim to be a programmer to ask me if they can access my email accounts?

    Has Google even thought about the uproar that is going to come from this? Or are they so blind to grabbing every last penny that they think only of the potential profits from this? Wake up Google. You promised us that NOBODY would read our email. This is the slippery slope where permission is asked for soon, but then a few years later, permission will be added into the terms and conditions of using Gmail, and then eventually anyone will be able to read anyones email, as long as they claim to be a programmer.

    Hey Google! I'm a programmer. I want your CEO's email address, and his permission to use this new feature on his account so that I can read, modify AND delete his email. I might even forward some of his email to other people and places. You know my email addresses. Please send all necessary info to me ASAP! Thank you! Oh and while we are at it, why not include the email addresses of all Google executives, and board members along with permissions from each of them as well.

    And thanks again Google. You are so wonderful. We will always believe everything you tell us. And now that I have put out the good word to the public yet again, please send me my check for .00000001% of your monthly profits for this month.

    *cough* *cough*

  19. /tmp

    your other google account

    What's the problem? Just provide access to your _other_ google account. You know, the one with no (accurate) personal information associated with it.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2020