Google Encrypts All Gmail Messages After NSA Snooping

[Dima007]

Content source

http://www.pcmag.com/article2/0,2817,2455203,00.asp

Google is upping the security of Gmail with new measures to protect your email from prying eyes.

The Web giant on Thursday announced that from now on, Gmail will always use an encrypted HTTPS connection when you check and send email. Gmail has always supported HTTPS, and in 2010 Google turned it on for everyone by default, but users still had the option to turn this protection off. From now on, Gmail is HTTPS-only, meaning the mail service no longer allows the more insecure HTTP connections.

"Today's change means that no one can listen in on your messages as they go back and forth between you and Gmail's servers — no matter if you're using public Wi-Fi or logging in from your computer, phone or tablet," Gmail Security Engineering Lead Nicolas Lidzborski wrote in a blog post.

One reason to avoid HTTPS is that it could be a tad slower than HTTP. But Google said it has been working for some time to address performance issues and now feels it has reached a point where it no longer makes sense to allow HTTP connections, a spokeswoman for the company told PCMag. Most Gmail users already use HTTPS, so this is just the final step in the transition.

Moreover, Google said that all messages you send and receive are now encrypted while moving internally on its servers. This means that your messages are not only safe when they move between your computer and Gmail's servers, but also as they move between Google's data centers.

Google said this change was something the company made "a top priority after last summer's revelations" — a nod to reports that the NSA collected data from companies like Google and Yahoo as that information moved between data centers.

Meanwhile, Google also provided an update about Gmail reliability. Last year, Gmail was available 99.978 percent of the time, which comes out to less than two hours of downtime per user per year.

"Our commitment to the security and reliability of your email is absolute, and we're constantly working on ways to improve," Lidzborski wrote.

 

[Moose]

The Big question is do you trust Google from past events?

 

[Nico@FMA]

The very fact that Google is going to publicly do something about it could be seen more as a advertisement stunt rather then a real push to stop snooping.
One of the reasons I say this, Google is a US company and falls directly under US law which directly means that the NSA and all other governmental institutions are going to have access to it any time they wish.
On top of that the encryptions used by Google are busted before they are even applied this is due to the fact that all their master keys have already been added to the NSA toolbox.
So the NSA cannot only undo every single effort Gmail makes to secure their services it also has real-time access.
That being said nice article and nice stunt of Google.
Shame that it does not work.

 

[ifacedown]

So how could I encrypt my Google?

 

[Ink]

Secure Mail for Gmail by Streak - https://www.streak.com/securegmail
https://chrome.google.com/webstore/detail/secure-mail-for-gmail-by/jngdnjdobadbdemillgljnnbpomnfokn

 

[Nedim]

-http://securitywatch.pcmag.com/hacking/321839-gmail-is-all-encrypted-now-but-you-re-not-nsa-proof-yet-

 

[Moose]

Free and paid service:

http://www.viivo.com/