If you're using a Google Wi-Fi hotspot in SF, you can download Google Secure Access: It's a free VPN with no details about method (probably SSL) or encryption method (one hopes at least 128-bit Blowfish, but maybe more). Probably not. It looks like Google, for now, is offering this service for download only over its own free Wi-Fi networks, but it might work elsewhere, they suggest. This download-at-hotspot requirement limits distribution because one assumes you have to set up a VPN account or use your Google login. (You can try to download it from this location, too.)
This fuels interest that they'll sponsor or build much more free Wi-Fi--tied in with their fiber optic last-mile postulated plans. I still don't see how free Wi-Fi helps their business model. A tiny bit more Internet access would only provide a tiny bit more ad revenue.
I've exchanged email all morning with a colleague that thinks this spells death to HotSpotVPN, Public VPN, JiWire's SpotLock, and WiTopia's personalVPN. My reaction? This could create a lot more awareness about VPNs, a good thing, and not everyone will want to use Google's service. They're unlikely to provide phone support or fast tech support response, a must when someone's on the road and can't gain access via the VPN. They don't (yet) offer a variety of encryption types or tell us what they're using. Their choice of VPN transport might not appeal to all users.
A call into Google PR to obtain my own personal "no comment" hasn't been returned yet.
Update: Several folks have mailed to point out that this isn't SSL VPN, but it's PPTP, which is the weakest of the three widely used tunneling encryption methods. Further, it allows CHAP, MS-CHAP, and MS-CHAPv2. Both CHAP and MS-CHAP have well-known cracks that can be accomplished through readily available free software. MS-CHAPv2 is better, but the software isn't set up to require it.
A poorly chosen PPTP password can be cracked, too, even with MS-CHAPv2, which is a reason that SSL and IPsec-over-L2TP have been emphasized lately. Even HotSpotVPN.com, which originally offered just PPTP tunnels, enforced strong password selection by assigning a strong password. (HotSpotVPN now offers a variety of strong encryption with an SSL VPN as their main "rental" service.)