Google toughens security with Gmail encryption (Update)

Mar 20, 2014 by Rob Lever
A woman looks at her e-mail on a computer screen in Washington on November 23, 2010

Google said Thursday its popular Gmail service would use encryption to thwart snooping, in the latest move by the tech sector reassuring customers following revelations about US surveillance programs.

"Your email is important to you, and making sure it stays safe and always available is important to us," Gmail engineering security chief Nicolas Lidzborski said in a blog post.

"Starting today, Gmail will always use an encrypted HTTPS connection when you check or send email.

"Today's change means that no one can listen in on your messages as they go back and forth between you and Gmail's servers—no matter if you're using public WiFi or logging in from your computer, phone or tablet."

Google has already begun scrambling most of the traffic at its websites as technology firms grapple with moves by US intelligence agencies to spy on what people are doing and sharing online.

And similar moves have been announced by Yahoo, Microsoft and Facebook to use encryption that limits the ability of a third party to read messages or emails.

US tech firms have been ramping up encryption since last year's explosive revelations about the vast surveillance capabilities of the National Security Agency and other intelligence services, based on leaked documents.

Lidzborski said Google's latest move "ensures that your messages are safe not only when they move between you and Gmail's servers, but also as they move between Google's data centers—something we made a top priority after last summer's revelations."

Some reports say the NSA had been able to access the data centers of Google and other Web firms.

Experts say encryption generally prevents outsiders from intercepting a person's messages or documents, but that a persistent effort can gain access through malware or other methods that trick a person into revealing passwords.

NSA-proof?

Joseph Hall, chief technologist at the Center for Democracy and Technology, said Google's move is positive even if it does not protect against every potential threat.

"I'm reluctant to say anything is NSA-proof," Hall told AFP.

"But I think what Google is trying to do is make sure they come through the front door and not the back door."

Hall said that Google's encryption "would make it very difficult" for the NSA or others to tap into email traffic directly.

But he cautioned that the encryption would be only for "transport" and that data may still be unencrypted while sitting on a user's browser or stored in certain data centers.

Still, he maintained that this encryption is positive because it is "part of a general trend of strengthening the core Internet structure."

"Unfortunately, this is a case of an American Internet company having to beef up security because of attacks by its own government," Hall said, while adding that it could be positive for people living in authoritarian regimes.

"If you're an activist in Syria or and Iranian democracy activist, it will go a long way to making you secure."

Google's announcement came a day after co-founder Larry Page condemned US government snooping on the Internet as a threat to democracy.

Page, speaking at the Technology Entertainment Design (TED) gathering in Canada, was sharply critical of the NSA.

"It is tremendously disappointing that the government sort of secretly did all this stuff and didn't tell us," Page said.

Explore further: Google, Facebook, Twitter bolster digital defenses in wake of NSA revelations

add to favorites email to friend print save as pdf

Related Stories

Zuckerberg says US government threat to Internet

Mar 13, 2014

Facebook chief Mark Zuckerberg said Thursday he had called President Barack Obama to complain that the US government is undermining confidence in the Internet with vast, secret surveillance programs.

Recommended for you

Study shows role of media in sharing life events

11 hours ago

To share is human. And the means to share personal news—good and bad—have exploded over the last decade, particularly social media and texting. But until now, all research about what is known as "social sharing," or the ...

UK: Former reporter sentenced for phone hacking

18 hours ago

(AP)—A former British tabloid reporter was given a 10-month suspended prison sentence Thursday for his role in the long-running phone hacking scandal that shook Rupert Murdoch's media empire.

Evaluating system security by analyzing spam volume

18 hours ago

The Center for Research on Electronic Commerce (CREC) at The University of Texas at Austin is working to protect consumer data by using a company's spam volume to evaluate its security vulnerability through the SpamRankings.net ...

Surveillance a part of everyday life

19 hours ago

Details of casual conversations and a comprehensive store of 'deleted' information were just some of what Victoria University of Wellington students found during a project to uncover what records companies ...

European Central Bank hit by data theft

20 hours ago

(AP)—The European Central Bank said Thursday that email addresses and other contact information have been stolen from a database that serves its public website, though it stressed that no internal systems or market-sensitive ...

Twitter admits to diversity problem in workforce

22 hours ago

(AP)—Twitter acknowledged Wednesday that it has been hiring too many white and Asian men to fill high-paying technology jobs, just like several other major companies in Silicon Valley.

User comments : 0