Confidential Mode<\/a>, and it\u2019s an easy way to make email more private.<\/p>\nConfidential Mode lets you add an \u201cexpiration date\u201d to emails. Once that date arrives, the email is no longer viewable by the recipient.<\/p>\n
Messages marked as Confidential can\u2019t be copied, forwarded, printed or downloaded.<\/p>\n
And you can revoke access at any time.<\/p>\n
Sounds great, right? Well, not so fast. There are a lot of \u201cgotchas\u201d in the new Confidential Mode that you need to know about.<\/p>\n
But first, here\u2019s how to get and use it.<\/p>\n
First, make sure you get the new Gmail, which I highly recommend.<\/p>\n
Venerable Gmail is now turbocharged by a list of handy features, including the ability to \u201csnooze\u201d emails, A.I. that \u201cnudges\u201d you to follow up on specific emails, and even SmartReply, which uses neural networking to give you three options for one-click replies \u2014 a feature that used to exist only on mobile but now lives in the browser version as well.<\/p>\n
The new Gmail will even pre-emptively suggest when you might want to unsubscribe from newsletters or other subscription-based content, based on it\u2019s observations about what you open and what you don\u2019t.<\/p>\n
A feature called Hover Actions lets you gain access to options for handling an email before you even open it. You can archive, delete, snooze and do other things right there in the inbox by simply hovering your mouse pointer over the line.<\/p>\n
Google Calendar, Keep and a new to-do list called Tasks can be viewed on the right side of the inbox, if you like.<\/p>\n
A Google Plus-like feature called Plus Mentions lets you cc: people from inside the body of the message. Just add a plus sign and start typing the person\u2019s name. A dropdown menu of people will appear. Select a name, and it will be auto-completed in the email and also added to the cc: field.<\/p>\n
The new Gmail has more great features as well. It\u2019s the best version of Gmail ever by far.<\/p>\n
To get it, click on the \u201cgear\u201d settings icon near the upper-right corner. The first menu item should be \u201cTry the new Gmail.\u201d Choose that option. (If you\u2019ve already got it, you\u2019ll see \u201cGo back to classic Gmail.\u201d)<\/p>\n
Here\u2019s how to use Confidential Mode. Click on the \u201cCompose\u201d button in the upper-left corner. You can write your email as you normally would, then click on the small icon at the bottom right that shows a clock in front of a lock. Here you can set the expiration for one day, five years or any of several durations in between, and also optionally choose to require an SMS passcode.<\/p>\n
If you do choose the SMS passcode option, you\u2019ll be prompted for the recipient\u2019s phone number. The recipient will get the passcode, which remains valid only for five minutes.<\/p>\n
Best of all, any email sent using Confidential Mode can be revoked at any time, regardless of what the expiration date was. Just open the email in the \u201cSent\u201d folder and click \u201cRemove access.\u201d If you\u2019d like to make it available again, choose \u201cRenew access.\u201d<\/p>\n
Confidential Mode is great, but don\u2019t get lulled into a false sense of security. It\u2019s more private than regular email (which isn\u2019t saying much). But it\u2019s not as private as other forms of communication. And it certainly isn\u2019t secure.<\/p>\n
Confidential Mode works by storing your email in a secure space on Google servers in the cloud.<\/p>\n
When both sender and recipient use Gmail, the email appears normal. But recipients who do not use Gmail get a link for viewing the email in a browser.<\/p>\n
The messages you send or receive via Confidential Mode are not actually email. The link is an email, but the message is an email-looking page on the internet that\u2019s password-protected.<\/p>\n
Emails containing the link can, in fact, be forwarded, but only the intended recipient can successfully open the link.<\/p>\n
When someone gets one of these forwarded mails, they\u2019re prompted for their Google login username and password to determine whether or not they\u2019re the intended recipient.<\/p>\n
This is problematic, because it invites link-baiting phishing attacks, which could con people into revealing their login information.<\/p>\n
An easy-to-imagine phishing attack would say that a Confidential Mode email has been forwarded and can be seen by clicking on the provided link. Once the victim arrives on the linked page, a Google-like login page requests a Gmail email address and password. Once those are entered, the phishers can capture the information they need to compromise their victim\u2019s Google account.<\/p>\n
Good email encryption systems encrypt email on one end and decrypt it on the other, making it inaccessible even to the mail provider. The sender is in control until it\u2019s sent, after which time the recipient is in control.<\/p>\n
Google\u2019s Confidential Mode does the opposite. Google itself has possession and control of the email at all times and grants or revokes access based on the choices of the sender.<\/p>\n
In other words, Gmail Confidential Mode stores emails on Google\u2019s servers, which are accessed via a URL link in an unencrypted message. And if you choose the more-secure passcode option, Google will also gain access to the recipient\u2019s phone number.<\/p>\n
Google hasn\u2019t announced, nor do its privacy policies state, that emails and phone numbers will be deleted from Google servers after expiration. The safe assumption is that Google retains them indefinitely.<\/p>\n
Google says Gmail Confidential email can\u2019t be copied, forwarded, printed or downloaded, which isn\u2019t exactly true. It\u2019s easy to take a screenshot or photo of the email, which copies it, and that copy can be forwarded, printed or downloaded.<\/p>\n
Also: Confidential Mode doesn\u2019t work with attachments. If you attach something to the message and try to send using Confidential Mode, you\u2019ll be prompted to choose between the attachment and Confidential Mode.<\/p>\n
Gmail Confidential Mode also raises a sticky set of issues around data retention compliance.<\/p>\n
Enterprise employees using regular consumer Gmail may run afoul of requirements for the retention of company email.<\/p>\n
Gmail in G Suite, on the other hand, enables compliance, but at the expense of user privacy. The company can use Google Vault to view emails, even after expiration.<\/p>\n
So in an enterprise environment, standard Gmail breaks the law, while G Suite Gmail breaks the privacy.<\/p>\n
Don\u2019t think of Confidential Mode as secure email that\u2019s easy at long last. Instead, think of it as a very easy way to maintain a little more control over the email you send.<\/p>\n
Confidential Mode is more private than regular email, but it\u2019s not secure.<\/p>\n
I recommend that you use it, but knowingly and with caution.<\/p>\n
http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"![](\"https:\/\/images.techhive.com\/images\/article\/2014\/10\/gmail-100527831-primary.idge.jpg\"\/)
<\/p>\n
Credit to Author: Mike Elgan| Date: Sat, 12 May 2018 03:00:00 -0700<\/strong><\/p>\n\n