In Google We Trust (27 Dec 2005)
It's important for Google to get its privacy and security policy right with Gmail, because Gmail is the standard-bearer for an increasingly important approach to Web programming called Ajax, for asynchronous JavaScript and XML. Simply put, Ajax applications have user interfaces that run inside a Web browser, but the heavy computation and data storage are done remotely -- in the case of Gmail, on Google's supercomputer cluster. When you start up Gmail, large parts of your in-box are downloaded into your computer's memory and displayed in your browser as needed. This makes Gmail dramatically faster and more efficient than existing Web-based mail systems, where messages and mailbox lists have to be downloaded again and again every time you display a new Web page.

In recent months, Gmail has introduced a message editor that lets users bold and italicize text or change fonts within a message -- much the way you can in a PC-based e-mail program like Microsoft Outlook. There's even an "autosave" feature, so that if your browser crashes you don't lose the message that you were composing. And Gmail can now be integrated with Google Desktop; for example, you can download your e-mails to your Windows-based computer and search and read them when you are not online. All of this is made possible by Gmail's Ajax architecture.

So if Google is applying Ajax with such skill, why am I still concerned about privacy and security?
