The importance of Google Secure Access

Recently Google has made available a beta version of Google Secure Access. The service is not officially launched yet, but you can access it here and then at the bottom o the page there is a link to download the installer. When first I saw it, I was blown away by how simple and smart this move was.
So let's have a look at what this service delivers and what is the possible overall impact.
First, you probably know WiFi, the synonym of very convenient way to access the network. WiFi however is also a synonym of lack of security. Since the inception WiFi struggled with several approaches to secure the transmission channel. From 40-bit WEP, that was insecure by design, through various improvements like 128-bit WEP, WiFi still has been looked at as very unsafe way to connect. So while sitting in a hotel lobby or an airport lounge and browsing the current online issue of The New York Times has been a popular scenario, not many of us trusted hot spot networks enough to log on to their banks or brokers and check the account statuses, let alone conduct a transaction.
Things have improved in the meantime. The latest WPA (Wireless Protected Access) standard proved to be good and in many areas is being considered to protect traditional wired networks as well. But the problem with WPA is that somebody has to enable it for us in the already existing millions of hotspots.
But as we have struggled with protecting the WiFi transmission channel for years, there has been a technology available on everybody's laptop capable to solve the problem. Yes, it is called VPN (Virtual Private Network). So what actually is a VPN? VPN is a virtual point-to-point communications channel, that is secure. It's like putting your own secure, shielded pipe inside a bigger, public pipe. And yours is secure, so you no longer care how insecure is the outside one. As I said, VPN is point-to-point. As any pipe, it has two ends. One end is your computer. It takes everything you want to send, encrypts and throws down the virtual private pipe. So it really does not matter how the outside pipes are patched. All your traffic travels encrypted on your machine, and nobody can intercept it. But... you ask... "where is the other end of that pipe?". OK. VPNs have been used so far mainly by business organizations to allow their roaming nomads connect securely to the company network. So they were installing VPN gateways (like Cisco or Checkpoint or Microsoft ISA Server) and these gateways were "the other ends" of virtual pipes spanning between the remote PCs and the company networks.
Now you see why VPN technology has not been adopted by individuals. They simply had nothing to connect to... And here comes Google to the rescue. By launching the Google Secure Access, they have become your VPN endpoint, your secure gateway to the Internet.

What Google Secure Access does, it just configures you a VPN connection from your machine to the Google gateway. Your machine encrypts the traffic, it travels encrypted and secure via insecure outside network (any WiFis included) until it reaches vpn.google.com, where it is decrypted and injected into the Internet, wherever your final destination is. This is quite an achievement. VPN gateways have always been expensive to scale. They have to perform lots of computations - encrypting and decrypting the traffic at wire speed, for each and every user. So Google says it welcomes everyone on the Planet to securely connect to them. Just makes you wonder what infrastructure is behind this...
And some may ask the question "why would they do this? (for free)". Well... If you have read my previous post, you already know. They need more and more information patterns to live. And this is a great idea to have all the Internet traffic go through their gateways. Even without analyzing the payload ("Don't do evil"), they can extract a lot of patterns. Who goes where and when and such.
This is the hint why they are building their own network. After all the VPNs reach them, they need to have a way to unload all that traffic.