Google Turns On HTTPS By Default In Gmail

HardOCP News · Mar 21, 2014

With HTTPS on by default, the only people that can spy on your Gmail account is Google.

Starting today, Gmail will always use an encrypted HTTPS connection when you check or send email. Gmail has supported HTTPS since the day it launched, and in 2010 we made HTTPS the default. Today's change means that no one can listen in on your messages as they go back and forth between you and Gmail’s servers—no matter if you're using public WiFi or logging in from your computer, phone or tablet.

raz-0 · Mar 21, 2014

Good thing they responded to that oversight quickly. How many years has it been?

Zarathustra[H] · Mar 21, 2014

Steve said:
With HTTPS on by default the only people that can spy on your Gmail account is Google.

Or if you use an unpatched Mac or iOS device, anyone!

nvgrim · Mar 21, 2014

Zarathustra[H];1040714048 said:
Or if you use an unpatched Mac or iOS device, anyone!

But apple devices never get any viruses or infections.Its impossible because its an apple device.

MrGuvernment · Mar 21, 2014

i have made a push at work to make all HTTP sites HTTPS, the overhead is so little now, unlike 10 years ago, unless your poor and can afford all the SSL certs, little reason not to use HTTPS for any hosting you do.

CharonPDX · Mar 21, 2014

It has been "default" for 4 years. It has been "available" since it launched.

Now it is the *ONLY* option. (Sorry, 40-bit international-compliant Netscape Navigator 4.0, you're out of luck.)

Now they need to make S/MIME available through the web interface. (And make it default when sending to other Gmail/Google Apps-hosted addresses.)

Spidey329 · Mar 21, 2014

NSL for cert key incoming.

rflcptr · Mar 21, 2014

Zarathustra[H];1040714048 said:
Or if you use an unpatched Mac or iOS device, anyone that manages to break into your secure network!

fixed.

CreepyUncleGoogle · Mar 21, 2014

Google finally figured out that they need to keep the data secure so it can't be obtained as easily and thus, the value of the data is higher when they sell it to their advertising partners.

toast0 · Mar 21, 2014

MrGuvernment said:
i have made a push at work to make all HTTP sites HTTPS, the overhead is so little now, unlike 10 years ago, unless your poor and can afford all the SSL certs, little reason not to use HTTPS for any hosting you do.

The CPU overhead may be little, but it still adds extra round trips (so if your clients aren't close, significant latency, at least for the first request on a connection). Unfortunately the speed of light hasn't increased in the last 10 years. There is still a tradeoff here.

stiltner · Mar 22, 2014

No one...except those advertisers who pay us to sift through your e-mail for ads.

Gmail user, targeted ads creep me out.

ICOM · Mar 22, 2014

CreepyUncleGoogle said:
Google finally figured out that they need to keep the data secure so it can't be obtained as easily and thus, the value of the data is higher when they sell it to their advertising partners.

Dang! You beat me to it.

Yep.

Google Turns On HTTPS By Default In Gmail

HardOCP News

[H] News

raz-0

Supreme [H]ardness

Zarathustra[H]

Extremely [H]

nvgrim

[H]ard|Gawd

MrGuvernment

Fully [H]

CharonPDX

Gawd

Spidey329

[H]F Junkie

rflcptr

Supreme [H]ardness

CreepyUncleGoogle

Supreme [H]ardness

toast0

2[H]4U

stiltner

[H]F Junkie

ICOM

2[H]4U