Menu
Google tightens HTTPS protections in Gmail in light of government snooping

Google tightens HTTPS protections in Gmail in light of government snooping

Users are no longer given the option to turn off HTTPS

Citing the need to protect users from government cyber-spying, Google has tightened Gmail's encryption screws by removing the option to turn off HTTPS.

Google first gave people the option of encrypting their Gmail sessions via the HTTPS (Hypertext Transfer Protocol Secure) communications protocol in 2008. Google turned it on by default in 2010 for all users, but allowed them to turn it off manually. Not anymore.

"Starting today, Gmail will always use an encrypted HTTPS connection when you check or send email," Nicolas Lidzborski, Gmail Security Engineering Lead, wrote in a blog post Thursday.

He highlighted the security benefits of having HTTPS permanently on. "Today's change means that no one can listen in on your messages as they go back and forth between you and Gmail's servers -- no matter if you're using public WiFi or logging in from your computer, phone or tablet," Lidzborski wrote.

In addition, all messages sent or received by Gmail users will remain encrypted while moving among Google data centers. That is "something we made a top priority after last summer's revelations," Lidzborski wrote, alluding to the press leaks from whistleblower Edward Snowden, the former contractor for the U.S. National Security Agency who was disgruntled with its surveillance methods and practices.

When it announced the availability of HTTPS for Gmail and later when it turned it on by default, Google officials noted that the security boost from using HTTPS would sacrifice performance by increasing latency to a certain degree. It made no mention of that in Thursday's blog post.

Asked for comment about the security-speed tradeoff of using HTTPS, a Google spokeswoman said the Gmail team has worked hard to mitigate any performance impact, and that at this point the company believes it makes no sense to allow unencrypted HTTP connections. Plus, currently most people use HTTPS, she added.

Lidzborski also revealed in the blog post that Gmail had uptime of 99.978 percent in 2013, which works out to under two hours of downtime for a user during the year.

Juan Carlos Perez covers enterprise communication/collaboration suites, operating systems, browsers and general technology breaking news for The IDG News Service. Follow Juan on Twitter at @JuanCPerezIDG.


Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags Internet-based applications and servicesGooglesecurityMailSoftware as a servicecloud computinginternet

Featured

Slideshows

Tight lines as Hooked on Lenovo catches up at Great Barrier Island

Tight lines as Hooked on Lenovo catches up at Great Barrier Island

​Ingram Micro’s Hooked on Lenovo incentive programme recently rewarded 28 of New Zealand's top performing resellers with a full-on fishing trip at Great Barrier Island for the third year​ in a row.

Tight lines as Hooked on Lenovo catches up at Great Barrier Island
Inside the AWS Summit in Sydney

Inside the AWS Summit in Sydney

As the dust settles on the 2017 AWS Summit in Sydney, ARN looks back an action packed two-day event, covering global keynote presentations, 80 breakout sessions on the latest technology solutions, and channel focused tracks involving local cloud stories and insights.

Inside the AWS Summit in Sydney
Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day

Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day

Ingram Micro hosted its third annual Cure Kids Charity Golf Tournament at the North Shore Golf Club in Auckland. In total, 131 resellers, vendors and Ingram Micro suppliers enjoyed a round of golf consisting of challenges on each of the 18 sponsored holes, with Team Philips taking out the top honours.

Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day
Show Comments