Google announced the new feature on its Online Security Blog Thursday. According to Gmail’s security team, the warnings “will begin to roll-out in the coming months.”
The new encryption warning in #Gmail is awesome. It might be a little arcane for most but it is a good step in the absence of agreement between email server providers. I hope that the other major email providers get on board with this and start doing something similar.
Google Encrypts Gmail – What Email Are You Using?
The most important line in this article: “Google already defaults to https – the Web prefix indicating an encrypted connection”. In fact, for lawyers, email encryption is a basic standard that should apply to all communications containing client information. You can increase the security of such communications by adding an encryption layer on to the mail application, with a third party application. Non GMail senders are also sending an increased number of encrypted messages. Have you looked at you email lately?
When you click on an email, you likely don’t think much about the swift journey it made from the sender’s inbox to yours. But some mail providers still send content over unencrypted connections, so Google plans to notify Gmail users if this is the case.
Google already defaults to HTTPS—the Web prefix indicating an encrypted connection—in Search, Gmail, and Drive, and started encrypting all Gmail messages last year. And Google said today that encrypted messaging is on the rise: Since 2013, the number of encrypted emails that Gmail received from non-Gmail senders increased from 33 percent to 61 percent. Because of that final 39 percent, though, Google will serve up warnings.
“While these threats do not affect Gmail-to-Gmail communication, they may affect messaging between providers,” researcher Elie Bursztein and engineer Nicolas Lidzborski wrote in a blog post.
Those stats are part of a multi-year study on the evolution of email security that Google published this week. Unsurprisingly, it found that email is better protected now than it was two years ago—before the Snowden revelations.
But the study identified new security challenges. Some regions of the Internet are interfering with message encryption by tampering with requests to initiate a secure SSL connection.
Google also uncovered malicious DNS servers publishing fake routing information to email servers, allowing attackers to censor or alter messages before they arrive in your inbox.
The good news is, more than 94 percent of inbound Gmail messages carry some form of authentication. Technologies that protect against phishing and impersonation have “become the norm,” according to Google research.
“Security threats won’t disappear, but studies like these enable providers across the industry to fight them with better, more powerful predictions today and going forward,” Bursztein and Lidzborski said.
follow us for more