Forgot your password?
typodupeerror
Google Security

Gmail Goes HTTPS Only For All Connections 141

Posted by Unknown Lamer
from the nsa-already-has-the-private-key dept.
Trailrunner7 (1100399) writes "Perhaps no company has been as vocal with its feelings about the revelations about the NSA's collection methods as Google has, and the company has been making a series of changes to its infrastructure in recent months to make it more difficult for adversaries to snoop on users' sessions. The biggest of those changes landed Thursday when the company switched its Gmail service to HTTPS only, enforcing SSL encryption on all Gmail connections. The change is a significant one, especially given the fact that Google also has encrypted all of the links between its data centers. Those two modifications mean that Gmail messages are encrypted from the time they leave a user's machine to the time they leave Google's infrastructure. This makes life much more difficult for anyone—including the NSA–who is trying to snoop on those Gmail sessions." GMail also does TLS for SMTP, but regrettably Talk (what's left of it) does not do TLS for XMPP server-to-server connections, effectively forcing XMPP server admins to lower their security if they want to federate with Google.
This discussion has been archived. No new comments can be posted.

Gmail Goes HTTPS Only For All Connections

Comments Filter:
  • More lip service (Score:5, Insightful)

    by Anonymous Coward on Thursday March 20, 2014 @03:18PM (#46537277)

    The NSA has compromised certificates so this will make no real difference.
    This is the backscatter xray machine of internet security.

    • Re: More lip service (Score:4, Informative)

      by vadim_t (324782) on Thursday March 20, 2014 @03:52PM (#46537575) Homepage

      Google has their own CA. Of course the NSA may demand certs from them, but Google will have to know, so the NSA can't do it secretly anymore

      • Uhmm (Score:5, Insightful)

        by nashv (1479253) on Thursday March 20, 2014 @03:56PM (#46537607) Homepage

        I don't know if you've been keeping up. But people fully EXPECT the NSA to be upto nasty secret snooping habits. That is actually the minor part of the story that caused the outrage. The more dangerous fact is that the NSA can demand companies or individuals turn over data to them and impose a gag order thus forcing them to keep it secret.

        So AC is right in this case. Just more lip service. Encryption on your own servers is the only way to remain relatively protected.

        • by Ungrounded Lightning (62228) on Thursday March 20, 2014 @04:53PM (#46538125) Journal

          ... people fully EXPECT the NSA to be upto nasty secret snooping habits. That is actually the minor part of the story that caused the outrage. The more dangerous fact is that the NSA can demand companies or individuals turn over data to them and impose a gag order thus forcing them to keep it secret.

          I agree that the latter IS a big problem. But I don't agree that it's the ONLY problem, or the only BIG one.

          National Security Letters are still relatively narrow compared to what the NSA did. They also tapped the fibers Google and others used to communicate with each other, and used these taps to snoop everything that went across them, without Google's knowledge.

          I encountered a Google engineer with job responsibilities related to that at a conference last year, and he was LIVID. They'd tapped fibers OWNED BY GOOGLE - trespassing and damaging them (aong with Google's credibility) in the process - with no letters, warrants, wink-wink-nudge-nudge, or what-have-you. Google has since been installing encryption thorughout it's network - not just where it leaves the building, but even from rack to rack.

          Maybe they're still stuck disclosing SOME stuff. But at least they're trying to know what it is, do their best to minimize it (and protect their model), and avoid inadvertently firehosing EVERYTHING into the maw of the NSA.

          • by ddt (14627)
            I imagine their data center power draws are starting to go up.
          • by u38cg (607297)
            I had a similar experience chatting to a Google employee. They were seriously pissed off.
        • Absolutely. You just made my point for me. The problem shall be now a lot of the media will now present this as a milestone to easing public anger over what the public knows. By now the NSA and GCHQ will know the files Snowden has through investigation (police greeting David Miranda with Terrorism laws at Heathrow to make copies of his HDD must have helped) so here comes the game of cat and mouse; possibly until Congress freaks out.

          It's the comedy that doesn't stop giving!
      • So long as Google can read your emails, so can the NSA. All they have to do is get a court order. With the way email works, any email provider can read your emails really, so it's not just google.

        What ultimately needs to happen is for emails to become assymetric encrypted.

        • Obviously. I didn't claim otherwise

          • This was meant to be a reply to a different post (I hit a different reply link from what I intended) but anyways I think I got my point across enough that I didn't create a second identical post in the correct place.

      • Re: More lip service (Score:4, Informative)

        by heypete (60671) <pete@heypete.com> on Thursday March 20, 2014 @04:34PM (#46537969) Homepage

        Google has their own intermediate CA, which is a subsidiary of GeoTrust. Given that such an intermediate could issue certs for the global internet, GeoTrust probable provides a "managed PKI" service where they retain control of the intermediate so that it will only issue certs for Google-controlled domains.

        In such a situation, GeoTrust could be compelled to issue certs using Google's intermediate CA without Google's knowledge.

        Alternatively, if Google maintained control of the intermediate, the NSA would need to compel Google to generate certs for them from their own intermediate. However, if the NSA went to GeoTrust and demanded that they generate an intermediate CA with all the same details (CN, O, OU, etc.) as the Google one, the NSA could generate certs for Google without Google knowing.

        • Google gets chrome to randomly send back certificates, and they then analyse them.

          Yes, the return certs could be modified in transit, or blocked, but that's tricky.

      • Re: (Score:2, Informative)

        by Wootery (1087023)

        but Google will have to know, so the NSA can't do it secretly anymore

        Sure, but that doesn't matter. Google (will roll | have rolled | are rolling) over for the NSA, so you don't gain anything by this.

        The moment the NSA have to ask you personally, that's when you're onto something. End-to-end crypto gives you that, of course.

        Related: Tox secure IM [tox.im], the Blackphone [blackphone.ch]. Do keep an eye on those two projects. Promising stuff.

        • by AmiMoJo (196126) *

          Of course it matters. The NSA is trying to spy on everyone all the time, and this means they will have to do far more to target individual Gmail users instead of just hoovering it all up. That's the goal, to make mass surveillance impossible or at least extremely costly. It doesn't have to be perfect to do a lot of good.

          • by Wootery (1087023)

            Google is in bed with the NSA. The NSA have Google's keys. There is at best some level of inconvenience for the NSA, but nothing more. Nothing to stop them spying on millions.

            You, the spied-on end-user, do not benefit. (Well, HTTPS might keep others out, but not the NSA.) You are not made aware of when the NSA spy on you.

            Anyway, even before Gmail 'went HTTPS only', virtually all use of GMail was surely still through HTTPS.

      • by Khashishi (775369)

        Google may have to know, but you won't know.

      • by AmiMoJo (196126) *

        More over Google have positioned themselves so that even if there was a secret court order to provide a certificate to the NSA it would be immediately obvious what had happened. Chrome pins Google certificates so if they change the user will be notified immediately. The court could order Chrome to have the new cert pinned as well, but of course it wouldn't affect older versions released prior to the order.

        Google does seem to be genuinely trying to resist, even if ultimately it may be futile. At least they m

      • by epyT-R (613989)

        What google's doing is just a stupid PR stunt. They are legally bound by law not to acknowledge any NSA wiretapping, so when it became public knowledge they put on a show of faux outrage as a PR stunt. I guarantee the NSA is still getting google traffic and that google is complicit in it.

    • by DickBreath (207180) on Thursday March 20, 2014 @03:52PM (#46537579) Homepage
      Better to compromise certificate authorities than to compromise certificates.

      After all, who wouldn't trust a certificate authority. There are so many to choose from.

      If your browser is presented with a genuine signed Google.com certificate, issued by Honest Achmed's Trusty Certificates of Tehran Iran, then why shouldn't your browser just trust this certificate from a trusted CA?
      • If your browser is presented with a genuine signed Google.com certificate, issued by Honest Achmed's Trusty Certificates of Tehran Iran, then why shouldn't your browser just trust this certificate from a trusted CA?

        Because if you don't accept, your browser will emit a shrill piercing wail [youtube.com], loudly declaiming your obscene and hertical attempts to use a secure connection which has not been certified. A yellow clad official [pingdom.com] -- likely of Arstotzkan [knowyourmeme.com] origin -- will appear to lend an air of official disapproval to

      • by AmiMoJo (196126) *

        If your browser is presented with a genuine signed Google.com certificate, issued by Honest Achmed's Trusty Certificates of Tehran Iran, then why shouldn't your browser just trust this certificate from a trusted CA?

        Because Google pin their certificates in Chrome, so the user would be instantly warned of the change. For non-pinned certificates you need to install a plug-in.

      • by whoever57 (658626)

        Better to compromise certificate authorities than to compromise certificates.

        Let's say you work for a large tech company based in Mountain View and, when connecting from home, you actually inspect the certificate that is presented to your browser and it isn't the certificate that you expect. What do you do?

        Next, assume you tell your bosses. What do they do?

      • This is why Ben Laurie and others at Google (and elsewhere) are pushing certificate transparency. This is basically a mechanism to see that the certificate that you see for server X is the same as the certificate everyone else sees. It means that the NSA has to either steal the certificate that Google uses, or MITM all connections to Google to be able to compromise the connection without detection. Or just ask Google to do it on their server...
    • The NSA has compromised certificates

      Odd you should mention that. The link in the summery gave me a bad cert alert for */hs.llnwd.net this has happened to me before (Opera 12). llnwd.net is a source for video http://support.brightcove.com/... [brightcove.com]

      I see it as a problem with Opera, but reject them just in case.

    • by kqs (1038910)

      Oh noes! You are clearly smarter than Google, since they didn't think of that [blogspot.com]!

    • by Agripa (139780)

      All it takes is for one compromised certificates to be saved for analysis. It is not going to match the standard certificate and either someone forged it with the certificate authority's key or the certificate authority made it. Either way, it represents proof that they were compromised.

  • by goombah99 (560566) on Thursday March 20, 2014 @03:19PM (#46537283)

    Does Google not recall the NSA post it note showing that they intercept the post-SSL server to server commuincations within the googleshpere? NSA doesn't care about HTTPS to google as long as that back channel is still there.

    • by goombah99 (560566) on Thursday March 20, 2014 @03:20PM (#46537293)

      Here's a link:

      http://www.gizmodo.com.au/2013... [gizmodo.com.au]

      • by swillden (191260)

        Here's a link:

        http://www.gizmodo.com.au/2013... [gizmodo.com.au]

        That document is what motivated Google to encrypt all links between data centers, specifically to stop that.

    • Supposedly Google recently closed that loophole. But I seriously doubt that was the NSA's only way in. If I were running the NSA, half the staff at google would be my agents. If that's truly the case, there's basically nothing google can do to stop them.

      • by gstoddart (321705)

        If that's truly the case, there's basically nothing google can do to stop them.

        Walk in with a couple of FISA warrants and a few guys in dark suits .. and guess what? There's still not a fucking thing Google can do to stop them.

        At best Google will encourage better security from other parties, but if you think you can stop Big Brother carrying a FISA warrant that says your ass goes to jail for a long time if you tell anybody ... well, you're awfully naive.

        This is good PR, and it's good security practice. Bu

        • Walk in with a couple of FISA warrants and a few guys in dark suits .. and guess what? There's still not a fucking thing Google can do to stop them.

          If I were Google and seriously concerned about this, I'd encrypt the data in a chaining mode and keep half(+-) of the bits in different data centers in different jurisdictions.

          Yeah, the bandwidth issue is real. But the best a gang could do is seize some drives with nothing useful on them. They'd be better off attacking the suspect's machine, and then at that p

          • by gstoddart (321705)

            If I were Google and seriously concerned about this, I'd encrypt the data in a chaining mode and keep half(+-) of the bits in different data centers in different jurisdictions.

            Right. Sounds good in a paperback novel.

            But when they can compel you to hand over your data and not tell anybody, they can compel you to hand over all your data, including how to assemble the bits again. A National Security Letter is an all powerful writ if they want them to be.

            You really think "no sir" or "we don't know how" are go

    • by QuasiSteve (2042606) on Thursday March 20, 2014 @03:27PM (#46537367)

      Isn't that in part what this..

      The change is a significant one, especially given the fact that Google also has encrypted all of the links between its data centers.

      ..is supposed to refer to?

      Of course if they're just going to pretend to be Google and fool browsers into thinking they're talking to Google and decrypt/re-encrypt at that point, there's not much Google can do about it anyway.

      • by kqs (1038910)

        Of course if they're just going to pretend to be Google and fool browsers into thinking they're talking to Google and decrypt/re-encrypt at that point, there's not much Google can do about it anyway.

        Yeah, not much they can do [chromium.org].

    • by rudy_wayne (414635) on Thursday March 20, 2014 @03:57PM (#46537611)

      Ultimately, encryption is meaningless. If the NSA (or any other governmental agency) wants something, they will get it.

      Even if you invent some suoer-duoer-impossible-to-crack encryption, they will simply go to a secret court (that is accountable to no one) and get a secret order, that you must comply with and that you aren't allowed to talk about under penalty of going to prison, on the grounds of NATIONAL SECURITY.

      Until *THAT* problem is addressed, encryption is meaningless.

      • by Patch86 (1465427)

        That would be a considerable extra step for NSA to comply with. If your data is unencrypted, they merely need to scrape the data and away they go- easy mass surveillance of any number of 100's of millions of people.

        If they had to take every one of their targets to a secret court (alerting them to their presence while they're at it), mass surveillance would simply not be practical.

        The same logic goes for throwing up almost any security barrier. Nothing is unbreakable in the long run, but you can make it so d

  • by Anonymous Coward

    The feds have all the SSL keys anyhow.

    • Re:Doesn't matter (Score:5, Interesting)

      by Agent ME (1411269) <agentme49@g m a i l . c om> on Thursday March 20, 2014 @03:26PM (#46537353)

      If perfect forward secrecy is used in the connections (which most HTTPS sites seem to do last I checked), then knowing the private keys doesn't even help them decrypt a connection, *unless* they're actively man-in-the-middling the connection from the start (which I'm sure they do often against interesting people, but probably not anywhere near 100% of everything).

      • Re:Doesn't matter (Score:5, Informative)

        by vux984 (928602) on Thursday March 20, 2014 @03:32PM (#46537411)

        Unless Google is just handing them everything anyway via Prism, or whatever other programs are in place.

        This is like installing bars over the windows to keep the govt out, knowing full well you already gave them the keys to the front door.

        • Re:Doesn't matter (Score:5, Informative)

          by glenebob (414078) on Thursday March 20, 2014 @04:00PM (#46537651)

          Somebody mod this up. This is dead right.

          Google can encrypt the data all they want, right down to encrypting it when it arrives, and leaving it encrypted for its lifetime on their servers, but the NSA can just say "gimme the data AND the keys to unlock it". The keys are just data, and obviously Google has access to them, therefore so does the NSA.

          • Re:Doesn't matter (Score:5, Insightful)

            by swillden (191260) <shawn-ds@willden.org> on Thursday March 20, 2014 @05:52PM (#46538589) Homepage Journal

            Somebody mod this up. This is dead right.

            Google can encrypt the data all they want, right down to encrypting it when it arrives, and leaving it encrypted for its lifetime on their servers, but the NSA can just say "gimme the data AND the keys to unlock it". The keys are just data, and obviously Google has access to them, therefore so does the NSA.

            More precisely, the NSA would just say "gimme the decrypted data". But it's simply wrong to say that's not an important difference.

            If the NSA can snoop all connections they can scoop up terabytes of data and figure out later what's interesting and no one is the wiser. If they have to ask Google, they have to make the request specific and they have to provide justification that will satisfy some set of legally-defined standards -- and Google will then add the request to the published transparency statistics so legislators and voters can see how much is being done and decide if it's excessive.

            There's a huge difference there.

            Oh, and I can't think of any case in which the government could legally demand the keys.

            • by vux984 (928602)

              Oh, and I can't think of any case in which the government could legally demand the keys.

              Pretty sure that's exactly what they did to Lavabit:

              The government's move against Lavabit was resisted tenaciously by Levison. After much wrangling, Levison eventually handed over Lavabit's cryptographic key in digital form, after earlier trying to satisfy a court order by printing out and handing over a copy of the key in 4-point type, a move that irked the judge handling the case.

              After Lavabit resisted complying with g

              • Re:Doesn't matter (Score:4, Informative)

                by swillden (191260) <shawn-ds@willden.org> on Thursday March 20, 2014 @06:46PM (#46539099) Homepage Journal

                You really need to read the whole Lavabit story. Basically, the government was able to convince the court that the combination of Lavabit's security architecture and the company's early stonewalling demonstrated that the only way to be sure they got all of the data the court had ordered Lavabit to hand over was to require the keys. Had Lavabit complied initially and just handed over the requested data the question of keys would never have come up.

                That may seem like a subtle distinction, but it's not. The court never said that the government has a general right to demand keys, it just said that in that particular case there were factors which meant that merely asking for the data was not going to work, and that, therefore, the government could demand the key.

                In Google's case, if the government asks -- through correct legal channels and with an appropriately-specific request -- for your e-mail, Google can and will simply comply with the request, which means that the government has no need to get keys. The only reason the government would ask for keys is in order to obtain the ability to do mass surveillance which cannot be justified Constitutionally -- and Google has the legal and technical resources to make that argument and to appeal it to the highest level.

                • by vux984 (928602)

                  So to sum up:

                  As long as you give them everything they ask for, AND they believe you have done so. Then they can't ask for the keys.

                  If you don't give them everything they want, or they don't beleive you gave them everything they want, then they can ask for the keys too, and get them.

                  That's a loophole big enough to drive a truck through.

                  The only reason the government would ask for keys is in order to obtain the ability to do mass surveillance which cannot be justified Constitutionally

                  Well that, or they don't

                  • by swillden (191260)

                    As long as you give them everything they ask for, AND they believe you have done so. Then they can't ask for the keys.

                    No. There hasn't been a single example, AFAIK, of a company complying with a court order then not being believed.

                    That's a loophole big enough to drive a truck through.

                    It's not a "loophole" because (a) that's not what happened and (b) even if it had happened it would have been a case of one unreasonable judge, not a systemic issue. That's what appeals are for, etc.

                    • by vux984 (928602)

                      There hasn't been a single example, AFAIK,

                      And how exactly would we know? When the court proceedings are largely secret with national security gag orders attached?

                      The lavabit situation is pretty unique in that we even found out about it.

                      And whether or not its a loophole is mooted by the fact that you suggest we can avoid even being asked for the keys by handing over anything and everything that is requested in the first place.

        • by Khashishi (775369)

          It exists is to protect against folks like lulzsec, not the government.

          • by vux984 (928602)

            Of course that is true, and I wouldn't have made my comment if THAT is what the summary stated... but instead the entire summary is framed around the NSA...

            From the first sentence:
            "Perhaps no company has been as vocal with its feelings about the revelations about the NSA's collection methods as Google has, and the company has been making a series of changes to its infrastructure in recent months to make it more difficult for adversaries to snoop on users' sessions."

            to the last one:
            "This makes life much more

  • This is nothing but a waste of bandwidth and only makes tracking easier. Oh, wait... now I get it.

  • Are they using SSL, or are they using TLS? Which version of either are they using? Most modern browsers support TLS 1.1 and 1.2, but I can imagine Google falling back to 1.0 or even SSL for compatibility with fossils.

    As much as I personally love Google Talk, it's about as dead as you can get. Most links have been redirected to Hangouts, and those that aren't, you have to access manually. If anyone cares, here's the only working link that I'm aware of for Google Talk: http://www.google.com/talk/ind... [google.com]
    • by Baloroth (2370816)

      I just checked, TLS 1.2 when supported, but they will fall back to 1.0 if the browser doesn't support newer 1.1/1.2. Didn't see if they'll fall back to SSL or not (or if it falls back to 1.1 at all).

  • NSA LAWYER: Tech Companies Knew We Collected Their Data http://www.businessinsider.com... [businessinsider.com]
    • by poetmatt (793785) on Thursday March 20, 2014 @03:30PM (#46537405) Journal

      Please. This was debunked already. http://www.techdirt.com/articl... [techdirt.com]

      • And exactly why should we believe the companies' denials? Why should we believe they have any concern at all about any of this, aside from the possible bad PR?

        • by kqs (1038910)

          Good point. You're very wise to believe the NSA, and to ignore all of the "stories" about Google encrypting everything, and suing the government, and trying to limit search warrants. After all, it would be crazy, completely crazy to think that the NSA would try and cast blame on the very companies that tried to stop them. Why, the fact that the NSA tapped Google's dark fiber between datacenters proves that Google is lying and was giving everything to the NSA!

          Another possibility is that the NSA is lying an

  • by Anonymous Coward

    Glad to know that the copy of my mail stored for "archival purposes" in the service formerly known as Postini was sent there securely.

  • Pheww! (Score:3, Informative)

    by Anonymous Coward on Thursday March 20, 2014 @03:25PM (#46537341)

    What a relief. Now the only people that can get my data are government agencies that ask for it and advertisers that pay for it.

  • SSL/TLS is only for data in motion, and applications that choose to use it. Anyone who gets access to the backend will still be able to freely read as much content as they like

    • by blueg3 (192743)

      Encrypting data at rest doesn't get you much. Anyone who gets access to the backend gets access to the cryptographic keys used to read the data at rest.

      This is the case whenever the attacker has access to the cryptographic endpoint. The fact is, as long as Google is one of the cryptographic endpoints, if you have access to Google's data, you have access to it regardless of whether you pretend to encrypt it. The only way you can significantly change that is to make yourself (that is, the person sending and t

      • by joeflies (529536)

        I was primarily commenting because the summary said "Gmail messages are encrypted from the time they leave a user's machine to the time they leave Google's infrastructure." which is obviously incorrect. The messages aren't encrypted at all, only the network connections are.

  • by Marxist Hacker 42 (638312) * <seebert42@gmail.com> on Thursday March 20, 2014 @03:37PM (#46537455) Homepage Journal

    Isn't this a bit like the company that mines your data for profit is complaining about the government that mines your data for power?

    • Nobody want's competition. What if* Google wanted to move into the power market? No sense in giving the NSA a shortcut.

      *when

    • by Anonymous Coward

      Google may be many things, but at least they aren't doing it behind your back. Each service's ToS clearly say what they do and don't do with your data when you are on their domains.

    • by Anonymous Coward

      You can opt out of using Google's services. You cannot opt out of your government.

    • Isn't this a bit like the company that mines your data for profit is complaining about the government that mines your data for power?

      Well said.

    • by bill_mcgonigle (4333) * on Thursday March 20, 2014 @05:58PM (#46538641) Homepage Journal

      Isn't this a bit like the company that mines your data for profit is complaining about the government that mines your data for power?

      If showing you ads is like targeting your for a Hellfire drone missile strike, then sure. To me that fails the moral equivalence test.

      • And your friends ads. And of course, selling the NSA the information they have, since the only real qualm they have with privacy is not being able to make money off of it.

  • Weak SMTP SSL (Score:5, Insightful)

    by Anonymous Coward on Thursday March 20, 2014 @03:37PM (#46537457)

    Sure they use SSL on their SMTP servers, but when testing it using checktls.com I see that they use RC4-SHA, not a Perfect Forward Secrecy algorithm like Yahoo is now using (DHE-RSA-CAMELLIA256-SHA). If NSA were to get a copy of Google's private key, they could decrypt all of the traffic. So to me, no PFS is the same as no SSL.

    • traffic over SSL connections is not encrypted using public key cryptography.
      the certificate is only used to assert there is no man in the middle during key exchange. The data is encrypted with the randomly generated keys exchanged during the SSL handshake.

      • by heypete (60671)

        traffic over SSL connections is not encrypted using public key cryptography.
        the certificate is only used to assert there is no man in the middle during key exchange. The data is encrypted with the randomly generated keys exchanged during the SSL handshake.

        Your statement is true if and only if both sides of the connection use Perfect Forward Secrecy.

        If PFS is not supported by one or both sides, they revert to RSA key exchange which does use the server's RSA key to encrypt the session key. If the server's private key is compromised any non-PFS traffic that was logged in the past could be decrypted.

        The AC above says that the connection between checktls.com and Gmail is made using RC4-SHA -- in that case, no Perfect Forward Secrecy is being used and the connecti

    • by heypete (60671)

      That depends on the cipher preferences of the client (that is, the system sending mail to Gmail). In my case, connections from my server to Gmail's SMTP servers are made using ECDHE-RSA-AES128-GCM-SHA256.

      Connections from other services depend on how they're configured. Geocaching.com's outgoing mail server sends mail to Gmail using ECDHE-RSA-RC4-SHA.

  • by Anonymous Coward

    Because Google wants noone besides themselves spying on your email!

  • The article briefly mentions this, but does anyone have any additional detail? Are they using opportunistic TLS on SMTP connections?

    • by whoever57 (658626)

      Are they using opportunistic TLS on SMTP connections?

      Google has been doing this for a long time.

    • by heypete (60671)

      The article briefly mentions this, but does anyone have any additional detail? Are they using opportunistic TLS on SMTP connections?

      Yes.

      Depending on what ciphers are supported by the remote system, different ciphersuites will be supported. CheckTLS.com will only connect with RC4-SHA, but my server connects with ECDHE-RSA-AES128-GCM-SHA256. Your mileage may vary.

    • by manu0601 (2221348)

      If your side does not support TLSv1.2, then Google favors RC4 cipher to thwart BEAST vulnerability. There is only one RC4 cipher that brings PFS: ECDHE-RSA-RC4-SHA. It uses Ellipitic curve cryptography. If you do not support it, nor you support TLSv1.2, you will not get PFS from Google.

      The goal is to avoid BEAST, but RC4 is weak, and PFS is highly desirable.

  • About XMPP Security (Score:5, Informative)

    by qpqp (1969898) on Thursday March 20, 2014 @03:59PM (#46537627)

    effectively forcing XMPP server admins to lower their security if they want to federate with Google

    Just for the Google server, if you use a proper XMPP server (like Prosody, for example).

    Beware that many servers on the XMPP network use self-signed or invalid certificates, or even don't support TLS at all (such as gmail.com and all Google-hosted domains). It is possible to make exceptions like this:

    -- These hosts are allowed to authenticate via weaker mechanisms, such as dialback:
    s2s_insecure_domains = { "gmail.com" }

    [Server-to-server XMPP [prosody.im]]

    XMPP server operators are pushing for a wholly encrypted XMPP network [github.com] with several test-days, where they'll be flipping the switch to allow only encrypted communication, and the final switch to disallow unencrypted communication on May 19, 2014.
    It's going to include SSLv3, unfortunately, but we'll get there.

  • . . . because the NSA stated yesterday that tech companies were fully aware of snooping the who time (http://yro.slashdot.org/story/14/03/20/1745254/nsa-general-counsel-insists-us-companies-assisted-in-data-collection). If they're encrypting, it's either for show (porbable) or to prevent eavesdropping by anyone else but the NSA (unlikely, if this mattered to them they would have done it a long time ago.) So, yeah, this feels like it's for show so that people can continue to have confidence in Google's pla
    • . . . because the NSA stated yesterday that tech companies were fully aware of snooping the who time (http://yro.slashdot.org/story/14/03/20/1745254/nsa-general-counsel-insists-us-companies-assisted-in-data-collection).

      Not only aware, not one to let a dime slip by: "Billing invoices and other documents show Microsoft charging the FBI hundreds of thousands of dollars a month to comply with legal requests for customer information," http://www.dailydot.com/news/m... [dailydot.com]

      • by Kimomaru (2579489)
        Exactly. So I have to chuckle when the news reports that an irate Mark Zuckerberg calls the President to voice his displeasure over spying (http://money.cnn.com/2014/03/13/technology/security/mark-zuckerberg-nsa/) . I don't know what he's pretending to be mad about.
  • by Bob9113 (14996) on Thursday March 20, 2014 @04:22PM (#46537855) Homepage

    Gmail messages are encrypted from the time they leave a user's machine to the time they leave Google's infrastructure.

    Horseshit. The message is not encrypted. It is cleartext travelling over encrypted channels. It is on their machines in the clear, which enables them to do things for you, like search and filter, and against you, like profiling you and anyone who sends you email.

  • I seem to remember hearing they had already cracked SSL among all of the recent revelations.

    Either way, this is obviously a PR move. It should give nobody any high hope for Google's intentions...

  • You know, if I didn't know better, I'd think someone did this on purpose... right now the fortune at the bottom is:

    Today is a good day for information-gathering. Read someone else's mail file./quote.

  • Why would anyone still be doing this? They wont be supporting this really soon now, so everyone should have moved on by now.

It seems that more and more mathematicians are using a new, high level language named "research student".

Working...