Google pries open YOUR mailbox, invites developer partners

[Reefa]

Google's announced a grand plan for email that involves letting World+Dog write apps to access your inbox, just so long as you've given them permission to do so.

Hailed by some as “replacing IMAP” (good luck with that, Google, if it's your aim), the new Gmail API is more prosaically outlined by the Chocolate Factory's Eric DeFriez in this blog post.

“Designed to let you easily deliver Gmail-enabled features, this new API is a standard Google API, which gives RESTful access to a user’s mailbox under OAuth 2.0 authorization. It supports CRUD operations on true Gmail datatypes such as messages, threads, labels and drafts.”

Why would the world need this? DeFriez again: IMAP “wasn’t really designed to do all of the cool things that you [that is, developers at Google IO] have been working on”.

The Wall Street Journal says, for example, that “A travel app, for example, could scan your email inbox for booking confirmations and automatically compile them into an itinerary. An expense app can dig through your inbox for receipts and automatically file them to your cloud-based account.”

The developer (with permission and authentication, of course), merely needs to send HTTPS calls to the user's mailbox to receive JSON, XML of Google Protobuf responses, “without using a TCP socket, which means the API is accessible from many cloud environments that couldn't support IMAP”.

The API doesn't touch everything the Chocolate Factory can see, but a quick scan shows that it's still pretty comprehensive. Once an app is authenticated to your mailbox it can create and delete messages, or (Vulture South can't imagine this being ever misused) insert a message directly in a target mailbox without actually sending the message from a source.

There's a send method that'll take a message in your inbox and forward it on, there's a method to list all of the labels in a user's inbox, and more. Resource types covered by the API include drafts, history, labels, messages, attachments, and threads.

Google says the API provides fine-grained permissions, so “if your app only needs to send mail on behalf of a user and does not need to read mail, you can limit your permission request to send-only”.

However, as the documentation shows, Google's idea of “fine grained” means there's four permission classes. An app can either:

• Request full access to the target account;
• Request access for everything except the ability to delete messages or threads;
• Read access, but no write or delete rights; or
• Access only to create and send messages and their associated drafts.

Even if this fits the definition of “fine grained permission”, Google seems at best optimistic if it thinks this advice will be heeded: “Generally, your app should use the most restrictive scope that meets its requirements.”

In a world where a nearly-zero-function app like Yo requests all the permissions the NSA doesn't ask for, that seems unlikely.

El Reg also notes that Android developers have already shown themselves less-than-brilliant at handling OAuth credentials, the basis by which the Gmail API will let developers at inboxes.

Source

[frogman]

Bye - bye --- gmail.com

[AlexCross]

Bye - bye --- gmail.com

Why? Youre inbox have been available to all the Google's employee, to authorities who scan all the emails for suspicious activities (which it's good , that's why we pay taxes, to protect us from any danger and to evolve as a society), and the list is quite long since emails exists. Youre inbox was never privately, and never will be.

Edited June 27, 2014 by AlexCross

[windowsvistas]

Better Luck on Planet Mars Google :angry: Bye Bye :lol:

[iih1]

wow.. so terrific..google now, if so simply don't used google mail or KISS and BYE..

[Sky]

good thing I only use gmail for My android games safety(syncing :P )

[Reefa]

Bye - bye --- gmail.com

Why? Youre inbox have been available to all the Google's employee, to authorities who scan all the emails for suspicious activities (which it's good , that's why we pay taxes, to protect us from any danger and to evolve as a society), and the list is quite long since emails exists. Youre inbox was never privately, and never will be.

Try this one HERE you will have to wait a while as they are overwhelmed at the moment but do sign up mate..Very Very Secure :showoff:

Edited June 27, 2014 by F3dupsk1Nup

[Catoja]

Not really guys, when gmail started, they really liked IMAP, but you could always use POP that is really bad, like useless for great stuff. Gmail its trying to boost email apps, that are kind of Dying with Whatsapp and Facebook... But for doing so, they need a new protocoll, open protocoll... Its very good, they are trying to be the Linux of Email...

[Fallon]

I am waiting for the email apps to take over the world in another terminator movie. :D

These Proton guys will probably go the same way as others after 9/11, but I am game.

Edited June 29, 2014 by Fallon

[frogman]

I am waiting for the email apps to take over the world in another terminator movie. :D

These Proton guys will probably go the same way as others after 9/11, but I am game.

Did the FB-eye release some Virtual anthrax spores from their D.U.M.B in Mary-Land?

According to Mr. Dick-C....The next load will be BIGGEr than Terminator does Christmas!