Why should they? The server is not intended to be used with a Web browser anyway.
I assume the check is just an additional safety measure that you are the really device owner before you go on voiding your warranty. Before you accuse Asus of privacy invasion, at least make sure you understand the code and find out what exactly the software does with the password.
Anyway, by reverse engineering the unlocker we will probably gain more knowledge how the unlocking process works, but it will still not give us any way to do it without Asus servers.
If they pass any type of private information to that server IT SHOULD BE SECURED. Thats why they should. Doesn't matter if its not intended to be used by a browser, its a security risk.
Using your gmail acct to check to see who you are, that's really f*ing stupid. You can add another account and sign in with a fake acct. So that makes no sense.
I never ACCUSED Asus of anything you read wrong I simply said IT SEEMS < SEEMS more like a privacy invasion then anything. There is no LEGITIMATE reason for them to obtain use, transfer information about your gmail acct. Google doesnt do, Motorola Doesnt do it, HTC doesnt do, Sony doesnt do it. So why does asus need to?
Who care's who you are, they have serial numbers on the device thats all they need. If someone unlocks the device and its not you, thats a legal matter between you and that person not asus and you.