Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Email Security

Google Boosts Security of Gmail Infrastructure

All Gmail Messages Now Encrypted While Moving Internally

All Gmail Messages Now Encrypted While Moving Internally

Google announced on Thursday that its Gmail service would use added encryption to protect against eavesdropping and keep messages secure.

“Starting today, Gmail will always use an encrypted HTTPS connection when you check or send email,” Gmail security engineering lead, Nicolas Lidzborski, wrote in a blog post.

“Today’s change means that no one can listen in on your messages as they go back and forth between you and Gmail’s servers – no matter if you’re using public WiFi or logging in from your computer, phone or tablet,” he added.

The new security protection for Google’s popular email service is the latest move as Internet and technology firms scramble to boost their security efforts and up encryption after Edward Snowden began to leak classified details on the scope of US government spying.

Lidzborski said that 100 percent of email messages that Gmail users send or receive are encrypted while moving internally.

“This ensures that your messages are safe not only when they move between you and Gmail’s servers, but also as they move between Google’s data centers—something we made a top priority after last summer’s revelations,” Lidzborski said.

Joseph Hall, chief technologist at the Center for Democracy and Technology, told AFP that Google’s encryption “would make it very difficult” for the NSA or others to tap into email traffic directly.

“I’m reluctant to say anything is NSA-proof,” Hall told AFP. “But I think what Google is trying to do is make sure they come through the front door and not the back door.” He warned that the encryption would be only for “transport” and that data may still be unencrypted while sitting on a user’s browser or stored in certain data centers. Hall added that Google’s encryption is positive because it is “part of a general trend of strengthening the core Internet structure.”

In December 2013, a group of US-based Internet giants called on Washington to overhaul its surveillance laws. In an open letter to President Obama and Congress, the tech giants called on Washington to lead the way in a worldwide reform of state-sponsored spying.

In January, President Barack Obama announced plans to curtail the reach of massive phone surveillance sweeps by the NSA, but said bulk data collection must go on to protect America from terrorists.

In December, Microsoft said it would “pursue a comprehensive engineering effort to strengthen the encryption of customer data” in order to protect its customers from prying eyes and increase transparency.

In a recent letter to customers, IBM executive Robert Weber emphasized the need for Governments to take action in order to restore trust.

“Data is the next great natural resource, with the potential to improve lives and transform institutions for the better,” Weber said. “However, establishing and maintaining the public’s trust in new technologies is essential.”

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cybersecurity Funding

UK-based email security and brand protection solutions provider Red Sift on Thursday announced raising $54 million in a Series B funding round that brings...

Application Security

Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Computer maker Lenovo has started pushing security patches to address three vulnerabilities impacting the UEFI firmware of more than 110 laptop models.

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...