
Protect Gmail messages with confidential mode - gschier
https://support.google.com/a/answer/7684332
======
B-Con
Edit: Removed my original write-up to double-check something, lost the write-
up, retyped a tl;dr version.

This is aimed at Enterprise, not individuals looking for a Signal-like
messaging platform.

"Confidential" e-mail implementations already exist in many places. Plenty of
messages need to be e-mailed but the contents can't be inlined due to
compliance. eg, medical systems send e-mail updates that are just a plain
message but the e-mail is just a link to an auth portal and behind that is the
actual message. Not great user experience.

But here, is G-Mail already has Google-grade auth and the same auth as Google
Vault, so the document can be stored in Vault and in the e-mail the link and
payload itself can be automatically swapped when sending or receiving. Smother
user experience. eg, vertical product integration.

This is clearly targeted at Enterprise (G Suite, plus half the questions are
about compliance). By default, Apps users are able to _use_ this feature,
although it can be disabled at the domain level by admins. It is not the
actual sending of e-mails in this manner that's the default.

Put another way: If you don't see the point of the feature, you aren't the
target audience. It's not trying to be Signal.

I just don't smell anything nefarious here.

Disclaimer: Am Googler, but unrelated to the project. Just heard about it now
and have enough experience in this area that the feature's context seemed
clear to me.

~~~
fhbdukfrh
You cannot be a employee of Google and "100% unrelated to this project". I
understand you're not involved with it directly but you've obviously bought
into the company, their mission and their methods.

As far as tinfoil hats (thanks for the assumption that anyone skeptical of
Google's intentions is a crackpot) if this was not a net gain for them and
merely a feature for enterprise compliance, why are they turning it on fit all
Google apps clients by default? Under your charitable scenario they could
offer it to those who need it without impacting us crazies.

~~~
B-Con
That's close enough, in big company dynamics being in an unrelated arm can be
farther away than some members of the public. Feels like a nit.

I didn't imply every skeptic was donning tinfoil, but I saw a couple claims
here and elsewhere in that range.

The default setting is to _allow_ e-mails to be sent confidentially, not to
actually send them confidentially. Seems like a typical default. Here's a new
feature, by default you're allowed to use it unless domain admins want to
disable it.

------
dividuum
What a shit show:

"When someone sends a confidential mode message, Gmail removes the message
body and any attachments from the recipient's copy of the message. These are
replaced with a link to the content. Gmail clients make the linked content
appear as if it's part of the message. Third-party mail clients display a link
in place of the content."

So it's neither confidential (google can read it), nor an email (as it's just
an email containing a link to some google site).

------
copperx
Is this the beginning of the end of SMTP?

One thing the document doesn't address (unless I missed it) is whether a
confidential message can be fetched using IMAP.

------
craftinator
I don't understand how this protects GMail emails, or how it provides any sort
of confidentiality.

