That means the email remains encrypted on server disks and is decrypted when you're reading it, and never stored decrypted. But you can't always expect everything to go right. For these reasons, the security and privacy community long ago reached the stance that only end-to-end email encryption is secure. If you can trust everything to go right, then gmail-to-gmail is perfectly secure. Hackers breaking into Google and accessing that email. Governments forcing Google to hand over that email. Google choosing to read that email despite their assurances to the contrary. Rogue Google employees reading that email. This leaves them open to various threats:
The receiving server stores an unencrypted copy in the recipient's Inbox. However, the sending server stores an unencrypted copy of the email in your Sent folder. Google mail servers all speak STARTTLS if possible, so for gmail-to-gmail the transmission step shouldn't be a concern. The mail messages sit unencrypted on the disk of the source, destination, and any intermediate mail servers. The SMTP network protocol is unencrypted unless STARTTLS is negotiated, which is effectively optional. While I think it is a good idea from a user-education perspective to always make the front page SSL encrypted, so that people know to look for the browser lock (ESPECIALLY for banks, who like to use their own "lock" icons that don't mean anything. I personally yelled at Wells Fargo a lot until they made the front page SSL by default), but you can see why sites might not want to do this, especially sites with extremely high traffic. Email is historically considered insecure for two reasons: This is because it causes more load to send all the content of the front page encrypted. It is very common for sites (like banks) to use HTTP to show the front page but then submit the information with SSL.
I know most of you don't know how to use a packet sniffer, but I do and I've tested it. While I am happy that at least some of you want to be more secure, the fact of the matter is that it is already using SSL at the time that you submit the information. There are a lot of reasons why secure GMail is a good idea and PGP isn't the right answer. Great convenience, right? But I don't want anyone sniffing my email or passwords or anything else, regardless of how uninteresting it may be.
Right now I am on an open WiFi connection in a public spot.
and maybe several stops in-between) but what I am more concerned about is "D" which is from my laptop to GMail. Also, good luck getting it to work with webmail. C) Yes I realize my email is unsecure from point A (sender) to B (his ISP) to C (my ISP. You can only get secure mail from people who also have PGP. If you really want secure email use PGP not the web. A) Yes, my belongs to the company, but my Gmail belongs to me. B) PGP is a great idea which is a PITA to execute. As a long-time admin (the company's mail belongs to the company, not to you), your mail isn't that interesting unless you are a spy or doing insider trading for a living.