When it comes to Gmail, everything will from now on be encrypted, for both sending and receiving emails.
Google has announced that data transferred between computers and the Gmail servers will only be done through an HTTPS connection.
The webmail service has supported HTTPS since 2004, while an option to enable encryption as the default setting for an account was introduced some 4 years later. In 2010, Google made HTTPS connections the default options for users, something that very few people bothered changing.
Now, as a reaction to the entire NSA scandal and the agency’s efforts to make encryption obsolete, Google is fighting back and wants to make sure that conversations within its network are even more secure.
By enabling HTTPS for emails transferred to and from your computer and Gmail’s servers, Google is making sure that there’s no chance of someone disabling the option on your account or computer to intercept the data before it even reaches Google’s servers, something that’s been a particular favorite of intelligence agencies.
It was revealed, thanks to documents from Edward Snowden, that intelligence agencies often delve straight into the Internet cables, picking up data as it passes through. Most often than not, such information is not protected by encryption. Well, Google wants to make sure it’s making things safer for you, even if you are simply sending a message to your friends discussing some incoming hangout.
“In addition, every single email message you send or receive—100% of them—is encrypted while moving internally. This ensures that your messages are safe not only when they move between you and Gmail's servers, but also as they move between Google's data centers—something we made a top priority after last summer’s revelations,” writes Nicolas Lidzborski, Gmail security engineering lead.
What he is referring to in this phrase is the fact that the National Security Agency hacked its way into the internal connection linking Google’s and Yahoo’s data centers. The information was revealed a few months ago and has caused Google engineers to erupt in anger.
“I've spent the last ten years of my life trying to keep Google's users safe and secure from the many diverse threats Google faces… But after spending all that time helping in my tiny way to protect Google -- one of the greatest things to arise from the internet -- seeing this, well, it's just a little like coming home from War with Sauron, destroying the One Ring, only to discover the NSA is on the front porch of the Shire chopping down the Party Tree and outsourcing all the hobbit farmers with half-orcs and whips,” said Brandon Downey, security engineer at Google (and a fan of Tolkien), at the time.
The announcement falls in line with a statement made by Google chairman Eric Schmidt who said that the company was very close to making sure that the NSA could no longer spy on its users.