“Experts” Gush over Google Office Security

SCMagazine reports that the new Google Office won’t have security problems like Microsoft Office.
1. Security will be more robust
2. Updates will Appear Automatically
3. Less Features mean more security

Amol Sarwate, manager of vulnerability research at Qualys, says “You never have to patch anything, so hackers would be reluctant to target,” You won’t even know if a patch is released. Whenever you log in, you’ll get the newest version they have.”

Does that sound like a good thing? One of the complaints about Google Desktop Search was secret patching. Shouldn’t you know what’s going on? Qualys offers a software as a service vulnerability scanner and they announce major version updates. I wonder if they are silently patching security problems as well.

Eric Ogren, an analyst at Enterprise Strategy Group, told SCMagazine.com that Google will protect the software in its data center, and it will not be vulnerable to typical client-side vulnerabilities.

I wonder if this means my data would be kept forever, and available for search warrants, and also available to be accidentally disclosed.
The SC Writer buried the lead in my opinion. Amol Sarwate also said this service could be “could be vulnerable to an emerging set of web-based threats such as cross-site scripting and SQL injections.”
That’s what made this article jump out at me. In a week where it is reported that Google Desktop Search is inherently insecure it seems this article is trying to tell me that Google Office is secure by default.
Myspace and Secondlife have been targets. Who is to say similar issues won’t be found in Google Office.