I also agree that not even Gmail is "fully secure". But for the average person, it poses _less_ of a risk to their privacy than the realistic alternatives.
Yes but on the same argument the average person is more secure trusting the TLS/SSL icon on their browser than not.
This is one of my problems with the blog post is its self contradictory.
On one hand, "We should herd the ignorant sheep to the most secure plateform."
On the other hand, "We need to whine about how insecure and buggy TLS/SSL is."
Self contradiction.
If the point of gmail is to herd people to the most secure platform, then you can't tell people to not trust TLS since its really is the most secure platform for web communication.
I also agree that not even Gmail is "fully secure". But for the average person, it poses _less_ of a risk to their privacy than the realistic alternatives.