As for your security concerns, I think it’s right to be somewhat wary. It’s new technology and a new idea, and it may very well have fundamental flaws in the way it’s currently implemented. It is however, only a “preview” still, and anyone using it for top-secret sensitive data does so at their own risk. The way to minimise your risk is to not use gadgets that have not been thoroughly vetted (the source is always easily available) or not use them at all, and only invite users that you trust.

I got in on Google Wave a while back now (I think it was the second big wave of invites) and did quite a bit of poking around and analysis of security measures and so on. In the end I decided that I probably wouldn’t use Google’s implementation of the Wave protocol due to the problem you mentioned at the end of this post: Wave abuse.

I think that fundamentally the Wave protocol has a security “issue”. Not a bug, not necessarily a flaw, but it has several things that make me uncomfortable with it. I wrote more about it on my research blag: http://www.tobiaslabs.com/59/some-security-issu…

I link to a support forum where a person argued that the “Remove” function of the Wave protocol may not even “make sense”, but I think Google’s implementation on this is pretty reasonable. I think I’ll start using Google Wave again to see how I like the recent changes.

As for your security concerns, I think it’s right to be somewhat wary. It’s new technology and a new idea, and it may very well have fundamental flaws in the way it’s currently implemented. It is however, only a “preview” still, and anyone using it for top-secret sensitive data does so at their own risk. The way to minimise your risk is to not use gadgets that have not been thoroughly vetted (the source is always easily available) or not use them at all, and only invite users that you trust.

I got in on Google Wave a while back now (I think it was the second big wave of invites) and did quite a bit of poking around and analysis of security measures and so on. In the end I decided that I probably wouldn’t use Google’s implementation of the Wave protocol due to the problem you mentioned at the end of this post: Wave abuse.

I think that fundamentally the Wave protocol has a security “issue”. Not a bug, not necessarily a flaw, but it has several things that make me uncomfortable with it. I wrote more about it on my research blag: http://www.tobiaslabs.com/59/some-security-issues-with-google-wave/

I link to a support forum where a person argued that the “Remove” function of the Wave protocol may not even “make sense”, but I think Google’s implementation on this is pretty reasonable. I think I’ll start using Google Wave again to see how I like the recent changes.