Menu
Google tightens HTTPS protections in Gmail in light of government snooping

Google tightens HTTPS protections in Gmail in light of government snooping

Users are no longer given the option to turn off HTTPS

Citing the need to protect users from government cyber-spying, Google has tightened Gmail's encryption screws by removing the option to turn off HTTPS.

Google first gave people the option of encrypting their Gmail sessions via the HTTPS (Hypertext Transfer Protocol Secure) communications protocol in 2008. Google turned it on by default in 2010 for all users, but allowed them to turn it off manually. Not anymore.

"Starting today, Gmail will always use an encrypted HTTPS connection when you check or send email," Nicolas Lidzborski, Gmail Security Engineering Lead, wrote in a blog post Thursday.

He highlighted the security benefits of having HTTPS permanently on. "Today's change means that no one can listen in on your messages as they go back and forth between you and Gmail's servers -- no matter if you're using public WiFi or logging in from your computer, phone or tablet," Lidzborski wrote.

In addition, all messages sent or received by Gmail users will remain encrypted while moving among Google data centers. That is "something we made a top priority after last summer's revelations," Lidzborski wrote, alluding to the press leaks from whistleblower Edward Snowden, the former contractor for the U.S. National Security Agency who was disgruntled with its surveillance methods and practices.

When it announced the availability of HTTPS for Gmail and later when it turned it on by default, Google officials noted that the security boost from using HTTPS would sacrifice performance by increasing latency to a certain degree. It made no mention of that in Thursday's blog post.

Asked for comment about the security-speed tradeoff of using HTTPS, a Google spokeswoman said the Gmail team has worked hard to mitigate any performance impact, and that at this point the company believes it makes no sense to allow unencrypted HTTP connections. Plus, currently most people use HTTPS, she added.

Lidzborski also revealed in the blog post that Gmail had uptime of 99.978 percent in 2013, which works out to under two hours of downtime for a user during the year.

Juan Carlos Perez covers enterprise communication/collaboration suites, operating systems, browsers and general technology breaking news for The IDG News Service. Follow Juan on Twitter at @JuanCPerezIDG.

Subscribe here for up-to-date channel news

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags Internet-based applications and servicesGooglesecurityMailSoftware as a servicecloud computinginternet

Featured

Slideshows

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards

Revealed at a glitzy bash in Sydney at the Ivy Penthouse, the first StorageCraft Partner Awards locally saw the vendor honour its top-performing partners with ASI Solutions, SMBiT Pro, Webroot, ACA Pacific and Soft Solutions New Zealand taking home the top awards. Photos by Maria Stefina.

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards
Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip

Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip

​Synnex and Lenovo hosted 18 resellers for an action-packed weekend adventure in RotoVegas, taking in white water rafting on the Kaituna River, as well as quad biking and dinner at Stratosfare​, overlooking Lake Rotorua at the top of Mount Ngongotaha​. Photos by Synnex.

Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip
Show Comments