A friend let me know about this gizmodo article about a vulnerability of many versions of android that involves the potential of a bad guy sniffing the auth tokens from certain google apps, which are sent over clear text.
In response, I updated my G1 to use gingerbread - 2.3.4 ez. I sadly had to part ways with cyanogenmod, who has understandably abandoned the ancient G1 platform. I found a ROM on the xda-developers forum (sorry, don't have the URL) and had to completely wipe my existing image (including all my detail work around moving app data to the SD card) and start over, but it hasn't taken long to recover most of the way. Significantly, I downloaded a boot script to mount /sd-ext to a linux partition on the SD card at boot time - this script was there in my 6.1 cyanogenmod install, but for some reason didn't work. Now it works!! This makes life a *lot* easier, in that I can symlink to the /sd-ext partition once, instead of having to prep for each reboot and restore afterward - meaning that much of the script work I had to wipe out with the upgrade is no longer required.
I have yet to see how 2.3 will perform from day to day, but so far it doesn't look too bad.