Google has done more to securely encrypt Internet traffic than any other company in the world. Among other things, they are the pioneering standard-bearer for ECC forward secrecy and for certificate pinning, the two most important Internet encryption advances in the last 10 years.
Those things are very significant, much needed improvements, but would you agree that we need more user controlled, end to end crypto? I'm talking about things like ZRTP here. I'm not expecting solutions like that to come from Google because it has a vested interest in mining your data. Possibly even more so than NSA does.
You wrote "secure key exchange, secure real time communication, secure storage, and secure email payload would blind the surveillance state". Now I'm not sure we're working from the same definitions of those terms.
If you think Google, or any other consumer Internet service, has already secured those things, evidently not. What I have in mind is end-to-end encryption with no provisions for surveillance of cleartext, with or without a warrant. As I wrote earlier in this thread, even if you think our law enforcement can be trusted, there are plenty of jurisdictions where that is not the case at all.
I think I understand. Any acknowledgement that Google has done more to secure Internet traffic for normal users than any other company would require you to concede something, and thus feel bad.
Google has done an enormous amount to improve and deploy what Ben Adida called "b2c crypto" -- typically turning it on months to years ahead of its main competitors, and actively supporting work on making it stronger. But they've done almost nothing to encourage the use of "p2p crypto" in Adida's sense, at least not as a product feature.
I support the widespread routine use of p2p crypto, but I think Google deserves credit for what it has done. That includes making b2c crypto "routine" for most products, which does have direct effects on dragnet surveillance.
Of course Google deserves praise for that and 97 other things. But it is completely unapropos to what the article posted here is about. It does not really have an effect on dragnet surveillance because Google can be ordered to simply allow the government to let it happen.
There is some value in that foreign governments with their own NSA wannabes could get thwarted.
The problem is that Google would probably closed down if they implemented security which cannot be circumvented, even with a warrant, because they would break the law.
There are many laws and long standing rulings which force companies/people/.. to cooperate with law agencies. So, as it has been stated many times before, the solution for these things is political, not technical. Law always trumps programming and law is influenced by politics.
I see how you're attempting to pass off the obvious propaganda that Google and the NSA are separate entities, when Snowden's revelations clearly suggest they are one and the same.
