Gmail Security Warnings And A Heads-Up If The Government Is Hacking And Spying

Gmail_State-sponsored_WarningGoogle is enhancing the visibility of security warnings inside Gmail to protect billion plus active users all over the world. Now a days, company is expanding its safe browsing security notification which will warn users whenever they are opening malicious links included with emails. In fact, it will provide a full page notice about the suspicious link.

Google is also expanding state-sponsored attack warning inside Gmail which other like Facebook embraced. The users that gets Gmail Security Warnings are activists, journalists and policy makers taking bold stands around the world.

On Safer Internet Day, Google introduced a new visual element to Gmail that informs users when they received messages which are actually encrypted or composed a message to recipients whose email service doesn’t support TLS encryption. It has sudden response or you can say positive effect on Gmail security.

red lock

Since the day it was introduced, amount of inbound email sent over encrypted connection rises by 25%. Unfortunately, recent research with University of Michigan and University of Illinois shows that infectious parts of Internet can still tamper with email encryption. To make TLS encryption works effectively, Google has teamed up with variety of industry partners like Yahoo, Microsoft and Comcast. It is done to submit a draft IETF specification for SMTP strict Transport Security. With this new technique, companies ensure that mail will delivered through encrypted channels. Regards any Gmail Security Warnings encryption failure, further analysis takes place.

Simple Mail Transfer Protocol

SMTP stands for Simple Mail Transfer Protocol which is an Internet standard for electronic mail transmission. It by default uses TCP port 25. Actually, electronic mail server and other mail transfer agents uses SMTP to send and receive mail messages. User level client mail applications uses SMTP only for sending messages to mail server for relaying.

Gmail SMTP configuration

Gmail is a outstanding webmail application, but some people find it handier to access their own inbox from an email client like Thunderbird or Outlook: to do that it’s necessary to configure its outgoing server entering the right settings.
First, open the mail software’s configuration panel:

and fill the fields with the Gmail SMTP server settings, which are:

  • Gmail SMTP server name: smtp.gmail.com
  • Gmail SMTP username: your Gmail address
  • Gmail SMTP password: your password
  • Gmail SMTP port: 465

Gmail’s SMTP comes with severe sending limits in order to prevent spammers from using its outgoing server to damage out garbage emails.

Safe Browsing makes Gmail more secure

Since 2007, Safe browsing protects users across web by Gmail Security Warnings them before visiting any suspicious sites known for phishing, malware and unwanted software. We also gets protection from other Google products as well like Chrome, Android, Ads, Google Analytics and many more. It also protects Gmail users by identifying potentially dangerous links in messages. From this week, Gmail users will see warnings if they click on malicious link. It extended protection to different web browsers and email apps. The page warning will appears as :

new sb warning

Company expanded its security feature portfolio in 2012 with Gmail Security Warnings. This warning will identify targeted by the government, or in other terms, “state-sponsored” attacks. If any kind of intrusion attempt is identified, Google’s warning will include a link that will allow the user to beef up the protection on their account as much as possible.

Google concluded that less than 0.1% of users will ever see these warnings, which actually seems a bit high when you look at it from the standpoint of that being 1 in every 1,000. With millions of people using Gmail, that would mean that tens of thousands of people have received these messages since 2012.

For its latest addition, Google has enhanced some of its most important Gmail Security Warnings with a full-page roadblock. This will come up if the government is believed to be trying to access your account, or even if you click on a phishing link that you shouldn’t have – as a way of warning you twice. This is a good move, as many people might not actually notice the first warning due to rushing or simply not paying attention.

Unless Google pulls another surprise out of its hat in the near-future, the next big security update from the company we have to look forward to is SMTP STS. That rollout truly can’t happen quick enough, especially with certain government agencies expressing so much interest in gaining access to our email (and other data).

How SMTP STS improves Email Security over StartTLS?

smtp-sts-email-security

SMTP Strict Transport Security (SMTP STS) will work alongside STARTTLS to strengthen SMTP standard and to avoid encryption downgrade and Man-in-the-Middle attacks.

SMTP STS protects against an active hacker who wishes to intercept or modify emails between hosts that support STARTTLS.

SMTP STS relies on certificate validation via either TLS identity checking or DANE TLSA

The new email security standard will check if recipient supports SMTP STS and has valid and up-to-date encryption certificate.

If everything goes well, it allows your message to go through. Otherwise, it will stop the email from sending and will notify you of the reason.

So in short, SMTP STS is an attempt to improve where STARTTLS failed. And since the standard is only a draft proposal right now, you need to wait for it before it becomes a reality.

The Internet Engineering Task Force has six months to consider the possibilities of this new proposal, because the motion will expire on September 19, 2016.

Meanwhile, you should also try a Swiss-based, ProtonMail, a free, open source and end-to-end encrypted email service that offers the simplest and best way to maintain secure communications to keep user’s personal data safe.

Source – Gmail Security Warnings And A Heads-Up If The Government Is Hacking And Spying.