Email encryption follows move in the spring to encrypt search traffic via SSL
Google announced on Thursday that it had encrypted all Gmail messages using HTTPS, in order to keep the contents away from the prying eyes of intelligence agencies and cyber criminals.
Google’s Nicolas Lidzborski, Gmail Security Engineering Lead, announced the change in a blog post stating that user’s messages will be secure 100 percent of the time no matter where the user logs in from.
“[This] change means that no one can listen in on your messages as they go back and forth between you and Gmail’s servers—no matter if you’re using public WiFi or logging in from your computer, phone or tablet,” Lidzborski said.
“Every single email message you send or receive — 100 percent of them — is encrypted while moving internally,” Lidzborski continued in the post. “This ensures that your messages are safe not only when they move between you and Gmail’s servers, but also as they move between Google’s data centres – something we made a top priority after last summer’s revelations.”
In many ways this move can be seen as a way for Google to atone for its sins of cooperation with the NSA. As leaked slides from the PRISM program show, Google was a complicit partner in the agency’s efforts to eavesdrop on the electronic communications of Americans. Of course, while HTTPS encryption will be enough thwart the efforts of most intelligence agencies to spy on Gmail the NSA might have a back door.
Source: Google Blog