Gmail-to-Gmail traffic is always encrypted. These warnings will begin to roll-out in the coming months.
Advertisement
“To notify our users of potential dangers, we are developing in-product warnings for Gmail users that will display when they receive a message through a non-encrypted connection”, wrote Google’s Anti-Fraud and Abuse Researcher, Elie Bursztein, and colleague Nicolas Lidzborski, the Gmail Security Engineering Lead.
Revelations from NSA whistleblower Edward Snowden have elevated the public’s concern regarding privacy and security to new heights, precipitating a response from major technology companies like Google.
A joint study involving Google, University of MI and the University of IL found that email is “more secure today than it was two years ago”, with an increase in the number of encrypted emails sent.
The email provider already uses HTTPS to encrypt a user’s connection between their browser and the server, but after that it’s widely out of a user’s control.
The researchers found that incoming messages at Gmail that were protected by TLS jumped from 33% to 61% between December 2013 and October 2015.
A similar gap in security capabilities exists with regard to email sender authentication.
According to a recent study performed by Google together with the University of MI and the University of IL, email has improved for everyone in the past two years.
Advertisement
But not all things are ideal, and Google is sounding the alarm on a few problems as well, like certain regions of the Internet where various parties are tampering with network requests to prevent SSL connections to form, and the presence of malicious DNS servers that broadcast fake addresses for Gmail servers. “These nefarious servers are like telephone directories that intentionally list misleading phone numbers for a given name”.
