GMail goes HTTP-S 'by default'

Today I noticed something new in the upside right corner of my Gmail account- "More Gmail Security".
Now Gmail offers HTTP-S connection by-default.Last June, a group of researchers and academics released an open-letter calling on Google protect users' communications from theft and snooping by enabling industry standard transport encryption technology (HTTPS) for Google Mail, Docs, and Calendar. And latest rise in incidents of Gmail account hijack from China made Google to act fast.
According to Google "We initially left the choice of using it up to you because there's a downside: https can make your mail slower since encrypted data doesn't travel across the web as quickly as unencrypted data. Over the last few months, we've been researching the security/latency tradeoff and decided that turning https on for everyone was the right thing to do."

They are currently rolling out default https for everyone. If you've previously set your own https preference from Gmail Settings, nothing will change for your account. If you trust the security of your network and don't want default https turned on for performance reasons, you can turn it off at any time by choosing "Don't always use https" from the Settings menu.


Popular posts from this blog

SQL Injection in search field

File Upload through Null Byte Injection