Google Announces Bolder Gmail Security Warnings And A Heads-Up If The Government Is Hacking And Spying On You

Last week, we learned about the company teaming up with others, such as Microsoft and Yahoo, to make SMTP 'Strict Transport Security' a reality, a protocol that would make it even harder for malicious users to gain access to our email. In a new blog post, the company draws our attention to SMTP STS as well as a couple of other recent (and not so recent) ways the company has improved our security.

On Safer Internet Day, which happened a month-and-a-half ago, the company introduced a new Gmail feature that highlights when email is received or being sent to a domain that doesn't offer encryption. You'll see this as a broken lock inside a compose window or received email window if the connection is insecure.

Gmail State sponsored Warning

As it happens, that super simple move has paid off handsomely so far in the first month-and-a-half it's been deployed. Google notes that in that short time, encrypted email counts rose 25 percent. Given the timing, it's a little hard to call it a coincidence. Another notable feature is one we've all been bound to stumble on: Safe Browsing. This one kicks in when a phishing attack is attempted, or if a website is known to be malicious.

The company expanded its security feature portfolio in 2012 with warnings that identify those targeted by the government, or in other terms, "state-sponsored" attacks. If such an intrusion attempt is detected, Google's warning will include a link that will allow the user to beef up the protection on their account as much as possible.

Google notes that less than 0.1% of users will ever see these warnings, which actually seems a bit high when you look at it from the standpoint of that being 1 in every 1,000. With millions of people using Gmail, that would mean that tens of thousands of people have received these messages since 2012.

For its latest addition, Google has enhanced some of its most important security warnings with a full-page roadblock. This will come up if the government is believed to be trying to access your account, or even if you click on a phishing link that you shouldn't have - as a way of warning you twice. This is a good move, as many people might not actually notice the first warning due to rushing or simply not paying attention.

Unless Google pulls another surprise out of its hat in the near-future, the next big security update from the company we have to look forward to is SMTP STS. That rollout truly can't happen quick enough, especially with certain government agencies expressing so much interest in gaining access to our email (and other data).


Via:  Google Blog
Show comments blog comments powered by Disqus