GPush for iPhone Security Concerns
Tiverias Apps has recently released their GPush application on the iPhone App Store. GPush brings email push notification to iPhone users with GMail (or Google Apps Mail) accounts.
There are two main methods for receiving email on a phone. Using the standard method (often called poll or fetch), a user enters their email login credentials into their phone and sets a periodic update interval, say every 15 minutes. The phone then simply queries the users email server every 15 minutes and retrieves any new emails. Simple.
The alternative, i.e. push email, works the other way around. Instead of the phone querying the users email server every so often, the server simply sends emails directly to the users phone as they arrive. This is akin to SMS. Your phone doesn't poll the carrier base stations for new messages, the towers notify the phone whenever a new message arrives instead.
The problem with push emails is that most email servers typically don't have any connection to mobile carriers and would have no idea that emails for email@example.com should be forwarded to say 0414 141 232. So to get the process working, a third-party is typically needed to act as the man-in-the-middle, i.e. someone must know the mapping of email address to phone number and must do the forwarding whenever a new email arrives.
This is where GPush comes in. You simply install the little application on your iPhone, enter your GMail username and password, and away you go! However, by doing this you're giving someone else full access to your GMail account!
Tiverias needs your username and password in order to log into your gmail account for you and check your emails automatically so that they can send you push notifications to your phone as soon as something new arrives. Tiverias tries to ensure its customers that this is a safe practice:
"When we created the app, we committed first and foremost to security. We are using multiple levels of encryption including SSL, obfuscation, and cipher-based encryption. SSL ensures that your credentials can be transported securely. Your login credentials are encrypted using an encryption scheme that has never been cryptographically broken, with a different 'secret key' for each user. To test these security measures, penetration tests were ran on the server with no information accessed."
That's all well and good, but it doesn't change the fact that someone other than yourself has full access to your GMail. Can you be sure that an insider at Tiverias won't sell user accounts to the highest bidder on the side? Or that their database will get hacked and your password will appear on hacker blogs and forums? Does the $1 you paid for GPush give you confidence in their long-term ability to keep your data safe?
And for many people a GMail account is not just for email, it's also used to secure the Google Calendar, Google Docs, Google Search History and Bookmarks, Blogger, Adwords, Adsense and who knows what else. So now some company that you've never heard of before has just bought full access to all your data for $1... can you imagine how much they'd stand to make by selling this information? Maybe as a company they'd never do that, but can you trust all the nameless, faceless employees behind the scenes that are responsible for keeping the service alive? I would advise anyone to stay well clear of any app that asks you for personal user credentials to other services. This is the oldest trick in the book for fishing user accounts.
Other variations of Push email services include having all your emails redirected/forwarded to some other server to which you've subscribed to and knows about your mobile phone number. This way instead of giving someone your GMail username and password, you create a new email account with them and simply give them all your emails instead. This reduces the risk considerably as you're only providing some faceless organization with read access to your emails, but you're not giving them the power to impersonate you or access any of your other linked services. There's considerably more configuration and maintenance involved however.
MobileMe can be made to work in this fashion, i.e. forward any or all of your emails to your me.com account which gets pushed to your phone. Personally I wouldn't bother though. MobileMe is not cheap ($100 a year), and you don't really gain much from push anyway unless you want to use email as a replacement for SMS.