Gmail to get secure Net connection by default

[DKT27]

Gmail to get secure Net connection by default

Google announced a partially successful cyberattack on Gmail, the company said it will activate by default a secure network technology for its e-mail service.

Shortly after

Google has long offered the option to access its Web-based Gmail service by using HTTPS--a secure version of the Hypertext Transfer Protocol that Web browsers use to retrieve information from Web sites. Now it will become the norm.

"Using HTTPS helps protect data from being snooped by third parties, such as in public Wi-Fi hotspots," Gmail Engineering Director Sam Schillace, said in a Gmail blog post on Tuesday. "We initially left the choice of using it up to you because there's a downside: HTTPS can make your mail slower since encrypted data doesn't travel across the Web as quickly as unencrypted data. Over the last few months, we've been researching the security/latency tradeoff and decided that turning HTTPS on for everyone was the right thing to do."

However, not all is smooth sailing.

"If you use offline Gmail over http currently, the switch to HTTPS is likely to cause some problems," Schillace said. He directed affected people to a secure offline Gmail fix that walks users through an installation process to get things working.

Source - CNET

[nsane.forums]

Making security more embedded in online email

Google has announced that it is to standardise around HTTPS for its web mail service Gmail.

In a blog posting Sam Schillace, Gmail engineering director, said that the company was now turning on HTTPS as standard on the service to encrypt messages being sent into and out of its servers.

"We initially left the choice of using it up to you because there's a downside: https can make your mail slower since encrypted data doesn't travel across the web as quickly as unencrypted data," he said.

"Over the last few months, we've been researching the security/latency tradeoff and decided that turning https on for everyone was the right thing to do. We are currently rolling out default https for everyone."

Google first introduced HTTPS to Gmail in 2008 as an option, and has since been under pressure to roll it out elsewhere. Last year an open letter from security professionals prompted the company to promise HTTPS support on all Google Apps.

Users who are already on HTTPS need do nothing Schillace said, and controls to turn it off were in the settings menu of Gmail.

People using HTTP Gmail offline may experience some problems he said but the company was working on it. In the meantime a Google advisory suggests switching the offline Office applications so that they sync via the HTTPS server.

View: Original Article