Comment Re:There is still man-in-the-middle attack (Score 2, Insightful) 152
Here's the quick rundown:
You contact Google's server through the proxy, and the server sends you Google's public key. This key isn't secret, so it doesn't matter if the proxy gets it, too.
Now you use their public key to encrypt a message telling them the symmetric encryption key you want to use for the rest of the communication. Only Google can decrypt that message, so only you and Google will know the key to use to decrypt the rest of your communications.
A man in the middle attack is only possible if GoogleSharing can either break or guess Google's private key, or the symmetric key you agreed to use after the handshake. Both are very hard to do. So don't worry about it.