Should Google encrypt all Gmail?

International security experts implore Google to use HTTPS by default

If 37 of the world's Internet security experts are right, the world would be a lot safer from identity theft if only Google encrypted Gmail by default. The HTTPS protocol is currently an option for users, one that these experts say is hard for the average, non-technical person to find and activate.

The group of experts sent Google CEO an open letter in which they urged him to become mindful of the dangers of the current, unencrypted system. That danger, the letter writers say, is "when a user composes email, documents, spreadsheets, presentations and calendar plans, this potentially sensitive content is transferred to Google’s servers in the clear, allowing anyone with the right tools to steal that information."

The group wants Google to "at minimum" make the following four changes:

" 1. Place a link or checkbox on the login page for Gmail, Docs, and Calendar, that causes that session to be conducted entirely over HTTPS. This is similar to the “remember me on this computer” option already listed on various Google login pages. As an example, the text next to the option could read “protect all my data using encryption.”

2. Increase visibility of the “always use https” configuration option in Gmail. It should not be the last option on the Settings page, and users should not need to scroll down to see it.

3. Rename this option to increase clarity, and expand the accompanying description so that itsimportance and functionality is understandable to the average user.

4. Make the “always use https” option universal, so that it applies to all of Google’s products.

Gmail users who set this option should have their Docs and Calendar sessions equally protected.

The picture to the left depicts the setting where users can tell Google to use an encrypted connection for Gmail and Google Docs. Click here for an enlarged version.

In the past, Google argued that HTTPS turned on by default would lead to performance problems, a fact that the letter-writers dispute. They say:

"Other Google applications demonstrate that security need not come at the cost of performance. Google’s Health service enables users to browse through and manage their private health information online. Google’s Voice service lets customers initiate VOIP phone calls, send text messages, and manage voicemail inboxes. However, unlike with its Gmail, Docs, and Calendar products, Google only provides access to Health and Voice via HTTPS encrypted communications sessions, recognizing the highly sensitive health and call record information users entrust to Google. Likewise, Google’s AdWords and AdSense products, which are the backbone of Google’s advertising business, can only be managed by customers using a secure HTTPS connection."

So Google raised its hands and said, You win! Alma Whitten, Software Engineer, Security & Privacy Teams has responded in a blog post, saying:

"Free, always-on HTTPS is pretty unusual in the email business, particularly for a free email service, but we see it as an another way to make the web safer and more useful. It's something we'd like to see all major webmail services provide. In fact, we're currently looking into whether it would make sense to turn on HTTPS as the default for all Gmail users. ... We're planning a trial in which we'll move small samples of different types of Gmail users to HTTPS to see what their experience is, and whether it affects the performance of their email. Does it load fast enough? Is it responsive enough? ... Unless there are negative effects on the user experience or it's otherwise impractical, we intend to turn on HTTPS by default more broadly, hopefully for all Gmail users."

While it's not a bad idea to urge Google to default to HTTPS for Gmail and Google Docs, we wonder if this is concern is misguided. The letter cites, the massive data breach suffered by T. J. Maxx, which occurred in 2005 and was disclosed in 2007 as one example of the real dangers of using a public, free, e-mail system in the clear. However, in the case of T.J. Maxx, the thieves stole their prize, data involving more than 45 million credit card and debit card numbers, by tunneling into the network through a poorly secured wireless switch and then accessing a server where the data was stored. They didn't sniff the data on the fly over HTTP.

In your opinion, does it make much of a difference to the public's safety if Gmail and Google Docs travel the Internet in the clear?

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2009 IDG Communications, Inc.

IT Salary Survey: The results are in