I have just started using GMail and I really like it.
One thing that I find particularly intriguing is that it uses SSL as a transport for both their web-based client and POP3 communication (e.g. from Eudora).
This means that my secret missile plans could be sent in plaintext from my machine to the GMail server securely. This also means that my intended recipient could download the same plaintext missile plans securely.
What about the black box in the middle? Are my missile plans safe as long as they are going GMail-to-GMail? Are they being exposed to the wilds of the Internet in plaintext form at any point on their voyage from my machine to my colleague’s machine?
I looked all over their FAQs and such and couldn’t find the answer (to the best of my ability, which isn’t saying much).
Of course, if my colleague and I wish to communicate securely, we’d just use GPG or something like that, but I am interested in a secure means of sending stuff between non-computer folks.
I’m afraid you are going to have to ask Google directly, and I am not sure they are going to give you an answer. From a purely practical standpoint, both situations are possible. Different accounts could be stored on different servers and the networks connecting them could very well be parts of a non-Google network. That doesn’t mean anything though.
The information you need is:
a) How many servers house Gmail.
b) What encryption does Google use for transport communication in between.
c) How many intermediate servers/routers are between these servers and who owns them.
Obviously if the answer to a) is 1 (unlikely) or the answer to b) is “really good” then there’s no worries. However, the rest is trust. You have to trust Google and everybody else to keep both the storage and the communications secure. However, even if it is super secure, I doubt Google would volunteer enough information for you to be certain that it’s super secure.
I wouldn’t trust it for security, either, but the other things you gotta ask yourself are:
What is it? Who wants to read it? Who’s got the time?
For real security stuff, I know they have networks that are isolated from the Internet…but I’ve never heard the Army or any other branch of the military is really any good at computer security. Perhaps that’s changed, what do I know?
For the rest of it, honestly, I always think: who’s going to take the trouble to find out who you’re cybering with (other than your SO) or what you did last weekend?
Which is why my question was specifically about the security within gmail servers and not standard e-mail in general.
I too believe that standard e-mail is no better than a post card (though Anaamika has a point: if nobody cares about the content, then it might not even be a problem).
A few random notes about Gmail’s security:
1. Browser differences: Gmail does appear to use SSL for both logins and messages, but it appears to do so only for Firefox (and maybe other alternative browsers). In Internet Explorer, it logs you in over SSL and then switches you to an insecure connection for message viewing/sending.
I don’t know about POP3. If you plan to use that, you should probably check out the connection with a packet sniffer first.
2. Your recipient’s setup: Your recipient also has to be using a browser that supports full-session encryption. If you send your message with Firefox but the recipient uses IE, the message gets sent as cleartext as soon as the other person views it.
Of course, you also have to assume that your recipient’s computer (and yours too, for that matter) are free from other security problems that may expose your email after transmission. But that applies to all messaging methods and it’s not a Gmail issue per se.
3. Message relays: When a message is sent from one gmail account to another, it APPEARS to go through a series of internal mail relays (I’ve seen up to 3). They all have IP addresses of 10.x.x.x, which are reserved for private use as far as I know. So the messages don’t appear to be going outside Google.
4. Do you trust Google technology? Google and Gmail code are written by a company known more for usability and popularity than security. A few security flaws were found when Gmail was first released. I have no idea how vulnerable Google’s current hardware and software setups are, but you should consider this before trusting them.
5. Do you trust Google personnel? Will they read your emails when they’re bored? Will a disgruntled employee reveal your private messages? Does Google actively try to maintain good security practices to protect its users? Will Google willingly hand over your messages to “authorities” that ask for them? Etc.
So those are a few thoughts. Basically, Gmail appears to be more secure than some of its competitors, but only under limited circumstances. It’s still no substitute for dedicated security programs and methods.
IMHO, security is more of a continual process than a magical program. Unless these non-computer folks know a few basic things about security, this sounds like a lost cause. Even if stuff gets sent to them securely, many people don’t give a damn about security and the stuff will soon get stored or transmitted in an insecure fashion anyway.
With that said, Skype (the VOIP/Instant Messaging client) supposedly offers encrypted messaging, file transfers, and voice chat using AES-256. And it’s incredibly easy to use. But again, you have to be willing to trust their technology and their people.
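The relay observation in the post above can be checked mechanically by reading a message's `Received:` headers and testing each relay address against the RFC 1918 private ranges. The following is an added example, not part of the original thread; the sample message, host names and addresses are constructed. It assumes the headers are honest (relays upstream of the first trusted hop can forge them), and a private address says nothing about whether a hop was encrypted.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample message (not captured from Gmail).
SAMPLE = """\
Received: by 10.35.1.7 with SMTP id a7cs1234pyb;
 Tue, 1 Nov 2005 10:00:03 -0800 (PST)
Received: by 10.54.20.11 with SMTP id x11mr5678wrb;
 Tue, 1 Nov 2005 10:00:02 -0800 (PST)
Received: from relay.example.net (relay.example.net [203.0.113.25])
 by mx.example.com with ESMTP id h3si9012nzc;
 Tue, 1 Nov 2005 10:00:01 -0800 (PST)
From: alice@example.com
To: bob@example.com
Subject: test

body
"""

# Explicit RFC 1918 list: ipaddress.is_private also flags documentation and
# loopback ranges, which would hide the 203.0.113.25 hop in the sample.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
IP_RE = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")

def relay_hops(raw_message):
    """Return [(ip, is_rfc1918)] for each Received header, newest first."""
    msg = message_from_string(raw_message)
    hops = []
    for header in msg.get_all("Received", []):
        # Drop the trailing "; date" part so only the routing clause is scanned.
        route = header.rsplit(";", 1)[0]
        for text in IP_RE.findall(route):
            try:
                addr = ipaddress.ip_address(text)
            except ValueError:
                continue  # looks like an IP but is not valid (e.g. 999.1.1.1)
            hops.append((text, any(addr in net for net in RFC1918)))
    return hops

def external_hops(raw_message):
    """Relay addresses outside RFC 1918 space, i.e. hops on a routable network."""
    return [ip for ip, private in relay_hops(raw_message) if not private]

if __name__ == "__main__":
    for ip, private in relay_hops(SAMPLE):
        print(ip, "private" if private else "PUBLIC")
```
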
[QUOTE=Reply]
1. Browser differences: Gmail does appear to use SSL for both logins and messages, but it appears to do so only for Firefox (and maybe other alternative browsers). In Internet Explorer, it logs you in over SSL and then switches you to an insecure connection for message viewing/sending.
[/QUOTE]
Changing the prefix of the gmail.google.com URL from http:// to https:// will cause it to keep the entire session encrypted (including post-login). It’s an odd behavior that was just pointed out to me the other day. I’d recommend changing it immediately in any favorites.
If you really want to send a secure message using gmail or most other mail clients, you can encrypt a text message using PGP or even WinZip 256-bit encryption requiring a password. I know you asked about gmail in particular but that is the requirement for things like HIPAA files sent via any type of e-mail.
The only thing someone could intercept is the sender and receiver’s identity.
I use Firefox, and SSL does not appear to be used. It’s possible that it’s being used in the hidden windows, but the visible URL remains Gmail, and the Page Info context menu option indicates that my emails are http, not https.
Interesting. I wasn’t aware of the HIPAA requirement. If you had the requirement to pass a sensitive Word document between two locations staffed by non-computer-savvy volunteers (your grandmother, for example), how would you do this cheaply?
Number: Sweet. Thanks for the tip! I wish they’d just use SSL by default.
minor7flat5 & Shagnasty: WinZip’s a nice idea. You could make the encrypted file a self-extracting zip (in case the recipient doesn’t have an up-to-date version of Winzip) and the recipient’ll be able to run it like any other Windows program, enter the password and extract the file. But this adds another danger – the self-extracting file could become trojaned if it’s not handled properly.
How sensitive is the stuff you’re working with? If it’s not too sensitive, another easy option is Word’s built-in encryption. Word’ll let you password-protect and encrypt your documents. But you should know that older Word versions had bad security implementations (not sure how good 2003’s is) and Word has a tendency to leave embedded metadata (author, title, etc.) in cleartext even if the rest of the document is encrypted – if that’s a concern to you.
Beyond that, you’re pretty much left with PGP-like tools. There’s a lot of them that can encrypt/decrypt a file as long as both parties have the software; there should also be some that can generate self-decrypting executables. But they’re subject to the same problems as before: Trojans (if it’s an exe), trust (do you trust the encryption algorithm used? the programmer? the website you got the program from?), and ease-of-use.
There was a discussion about Google on The News Hour last night, and the issue was touched on briefly. If I understood what the guest was saying, Google saves every search you do, and every Gmail as well. If the FBI handed them a National Security Letter…well, I’m sure you have nothing to fear. Or do you?
Google gets a lot of flak for that, but that applies to just about any website. Yahoo, Altavista, Microsoft, whatever can all save your personal data and surrender it upon request to the authorities. So can your ISP (witness the RIAA’s actions). You’re never really anonymous on the Internet unless you take extraordinary precautions, and it’s always been that way. Why does everyone blame Google for that?