Google has implemented HTTPS encryption across its Gmail service, starting today, in a move blatantly directed at keeping the NSA out of Gmail users' private communications. HTTPS encryption has been standard at Google since 2010, but now Gmail is receiving the same level of security between Google's own data centers.
One of the NSA's key strategies was intercepting communications between servers on Google's side of the fence and taking advantage of weaker protection once a message was actually received at Gmail. With this new security measure, Gmail messages, whether sent or received are encrypted all the way, even between Google's servers. This happens regardless of the device you're on or the kind of network you're connected to. As Gmail's Security Engineering Lead, Nicolas Lidzborski, states:
Today's change means that no one can listen in on your messages as they go back and forth between you and Gmail’s servers—no matter if you're using public WiFi or logging in from your computer, phone or tablet. In addition, every single email message you send or receive—100% of them—is encrypted while moving internally. This ensures that your messages are safe not only when they move between you and Gmail's servers, but also as they move between Google's data centers—something we made a top priority after last summer’s revelations.
Are you happy to know Google is taking additional steps? How secure do you think your emails are?