Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Google Wave, the search giant's email-like collaboration tool, has been designed to avoid common security issues associated with traditional email because it contains a 'sprinkle of crypto fairy dust', according to the product manager of the technology, who was speaking to media in Sydney today.User privacy is a huge concern for Google, according to Greg D'alesandre, Google Wave product manager.
He said Wave has been built with two levels of security designed to stop criminals exploiting the technology by spoofing another account - pretending to be someone they are not - or by sniffing Wave traffic while it is travelling between users.
"It is relatively easy to fake - or spoof - an email address. One thing we built into the Wave protocol is what we call crypto fairy dust. This means every piece of information you are getting on a Wave from another Wave server has authentication information built into it.
"So you know you are getting the Wave from the person that is sending it to you and it has not changed mid-stream. This is a very big problem in current communication technologies - data can be changed mid stream and you will never know," said D'alesandre.
In addition, he said, all Wave traffic is encrypted using https.
"If somebody was watching packets passing between the computer and the Wave server, they wouldn't be able to decrypt the information.
"There are a lot of products where you can choose if you want to use https. If you are at an internet café and decide not to use [https], it means there is a possibility for somebody to sniff that traffic. We don't give you that option," said D'alesandre.
He admitted that forcing encryption on users slows the product down but he said it was a price worth paying.
"Even though it is slower we think it is important to do it anyway. We have built privacy concerns from the ground up rather than waiting till there are issues and addressing them afterwards," D'alesandre said.
Google Wave users will soon also have the option to whitelist people they want to collaborate with. This means only people on their whitelist will be able to contact them - everyone else will be ignored.
Google Wave is currently in a limited beta test. The company has not yet indicated when it will be opened to the general public.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.