I would get seriously excited about this if I could install it on my own server and keep my own index. I'm a bit hesitant giving them access to all my data to all my accounts, in exchange for a small convenience.
It is pretty impressive, though saying that it launched in February is misleading. I signed up last year, ran into a bunch of problems with it not indexing anything, and haven't opened it since. Now it looks like everything actually has been indexed, which is cool. I'm deleting my account for now though, as it doesn't yet seem easy enough to be useful for my purposes.
I regularly hear that if I could install it on my own server argument and wonder if you think you can handle security and administration much better than someone who's paid to do it. I, for one, can't and would not want to waste my time on it.
I agree that is a good point. Perhaps it is a technology that would be better off not existing?
Security aside, one of the fears I have isn't necessarily against hackers, but against legal entities making use of the private information illegally, in addition to Greplin selling "me" in a very compact and precises manner to whoever they want.
Even if you trust that your own computer or server is more secure than Greplin's servers, your communication with others will be indexed on instances belonging to the people you communicate with as well.
So the question even for the seasoned computer security expert that want to use a distributed Greplin variant is: Do you trust your friends and colleagues to have better security on their home or work computers than Greplin can achieve with dedicated work?
With a distributed system it would still be a non-trivial task to protect against a dedicated worm or trojan that infest the network and traces paths to other Greplin users after stealing all the data from each instance.
Since the data is social and each document in many cases concerns more than one person, it might actually be a less complicated task to achieve sufficient security in a central location.
There's security breaches all the time on systems that are set up and maintained by people who are 'paid to do it'. I don't think that's a the best possible signal. People who are able to install complex software (something beyond wordpress-ease of install) are possibly more capable than many 'paid to admin server' admins. Not all, of course, but being paid to do something doesn't indicate 100% competence.
Likewise, someone installing something on their own machines for privacy concerns can be said to have more vested in keeping things secure than the person who's only doing it for their job, maintaining a server with thousands of bits of data on it.
It is pretty impressive, though saying that it launched in February is misleading. I signed up last year, ran into a bunch of problems with it not indexing anything, and haven't opened it since. Now it looks like everything actually has been indexed, which is cool. I'm deleting my account for now though, as it doesn't yet seem easy enough to be useful for my purposes.