Google pretends to warn Gmail users about state-sponsored email hacking

CNET reports: Google hasn’t been shy about wagging its finger at China recently. And in what appears to be another veiled snipe at Chinese authorities, the tech company says it is now warning users if state-sponsored phishing or malware attacks appear to have targeted their Gmail accounts.

“We are constantly on the lookout for malicious activity on our systems, in particular attempts by third parties to log into users’ accounts unauthorized,” Eric Grosse, vice president of security engineering at Google, wrote in a blog post today. “When we have specific intelligence — either directly from users or from our own monitoring efforts — we show clear warning signs and put in place extra roadblocks to thwart these bad actors.”

In such cases, a notice will appear at the top of the Gmail page that says “Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer.”

If that warning appears, it doesn’t mean the account was successfully hijacked. It just means that the account appears to have been a target, and that Google is urging the account holder to change the password and set up additional security precautions.

Most people who use Google are confused about what Google is — they think it’s a search engine. It’s not. It’s a digital platform that connects advertisers to consumers. Access to consumers is the ‘product’ that Google sells. So when the company introduces a new security feature such as this new hacking warning, we should keep in mind that rather than this simply being some public spirited effort to protect the interests of Google’s users, more likely it’s also been conceived as a gambit intended to serve Google’s commercial interests. It will serve those interests by fostering a sense among users and potential users, that gmail is more secure than it probably is.

If, as will be the case for the vast majority of people who check their gmail accounts, no warning message appears about state-sponsored hacking, does that imply that ones account is secure? I don’t think so. It might not currently be subject to phishing or malware attacks from the Chinese or any other foreign government, but does that also mean that the prying eyes of the NSA are being kept out? Not according to NSA whistleblower William Binney.

Print Friendly, PDF & Email


  1. “If… no warning message appears about state-sponsored hacking, does that imply that ones account is secure? I don’t think so. ”

    Agreed, just as a CRB check doesn’t mean the applicant is trustworthy.
    But your thinking is cynically misanthropic; it relies on people being too stupid to note the difference. As such, does it have any place in a critically-engaged article? I don’t think so.