China Syndrome: Gmail Now Defaults To Encrypted Access
Specifically, once Google is done rolling this out to its users (it’s in the process of doing it now), the default URL for Gmail will include HTTP Secure (you can tell by looking at the url and seeing if it begins with “https”). “Using https helps protect data from being snooped by third parties, such as in public wifi hotspots,” Google writes today on its Gmail Blog. And while this wouldn’t have stopped the type of Gmail hacking that it seems was going on in China, it does make the service significantly more secure. Anytime you hear the words “hacking” and “Gmail” in the same sentence, it’s not good for Google as it attempts to convince everyone in the world that cloud-based email is the way to go. So a move like this following the China situation is a smart one.
Google started offering the option to enable this method of access for Gmail all the time in 2008, but it was previously opt-in. Now it will be opt-out (which you will be able to do in the settings). So why didn’t they turn this on sooner? Because https connections are typically slower than regular http connections since the data must be encrypted and decrypted first. But Google is now saying that after months of testing the latency of https, it feels comfortable enough with the performance trade-off to turn it on for all.
They also warn that switching to https can cause some issues if you use Gmail offline access. Read more about there here, as well general Gmail security here.