Google’s Deadly Daisy Chains

Google made it clear today it wants to satisfy the basic human desire to have property in one, easily accessible place. Bringing Gmail into search will supposedly help hardcore search users remember relevant messages that could provide them with the information they were looking for.

As a journalist, this immediately smells like a great feature. TechWeekEurope gets sent over a billion (slight exaggeration) emails every day, some of which never get read because we simply don’t have the time. Many are also exercises in inanity, but a few contain genuinely valuable figures or research that can be nicely dovetailed with other pieces to make for more rounded articles. It’s easy to see how academics or other research-focused organisations could benefit from this Gmail addition.

But there is no doubt Google is going to face a barrage of criticism for this. Some have already claimed it will make snooping a lot easier if people can access a Google account user’s machine. But it’s a moot point. Those people who leave their accounts open to others by just abandoning their logged-in device can only blame themselves when their data is compromised. Even if the Gmail feature were switched off, any idiot can just click on the big ‘Gmail’ icon to look through messages. Slow clap for the ones who pointed that ‘flaw’ out.

Another Honan story waiting to happen

A big worry here, however, is that Google looks to be planning on linking in a load of other services into search. It’s already doing this with Google+ and has done so in the past with other social services. With a little persuasion, it would come as no surprise if Google were to welcome tweets and Facebook messages further into its Knowledge Graph and therefore into logged-in users’ search results.

As it builds up this gigantic, cloudy daisy-chain, it will make life riskier for users. If a single sign-on via Google supplied searches that integrated private messages from other web services, it could be a security nightmare. In such a scenario, if a hacker gained access to your Google account, they would effectively have access to your other online identities too.

“Where will it stop? It’s email and web searches today, but what about tomorrow? Photo and video metadata? Social media content? Confidential DMs on Twitter?” wonders CEO of security firm CetiVox, Brian Spector.

“There are ethical challenges associated with accessing users’ data to this extent, but huge security issues, too. Once you’ve daisy-chained all these applications together, how can you be sure that they’re communicating login and authentication details to each other securely?

“The likelihood is that they’re not, so you run a very real risk that an application will be compromised, and then an even bigger risk that this will be used to compromise all the others. It’s another Mat Honan story waiting to happen.”

Indeed – Honan’s case, in which all his shiny Apple devices were wiped of precious data, exemplifies the risks of connected yet siloed services. Because the policy and security teams at Apple and Amazon didn’t work together, not only was Honan’s iCloud compromised, so was his Google account.

Competition fears

On top of these clear security issues, by announcing Gmail integration, Google is also risking landing in yet more hot water with competition authorities. Why aren’t users being offered Hotmail or Yahoo mail in search results? And why not Facebook messages now everyone is being told they have to have an @facebook address?

If its daisy-chains only tie up to Google products, the Mountain View giant can expect its enemies to start crying foul soon enough, just as they did when it made search more “personal” in January by tying in Google+ accounts but not those on other social media. Google is already being probed by the European Commission over alleged anti-competitive practices in the search market, and fresh complaints won’t help its cause.

It was a surprise announcement by Google this week. Google may be surprised at the backlash it gets too.

Do you know Google’s secrets? To find out, take our quiz!