http://danielrm26.disqus.com/dmiessler.com/about/enWed, 25 Mar 2009 08:35:37 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-7490792<p>Good-day,</p><p>There is an easier way: In your google account <br>click on setting<br>click on the general tab<br>Under Browser connection: click on "Always use https"</p><p>TomB</p><p></p>TomBWed, 25 Mar 2009 08:35:37 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355437<p>Do not visit: <a href="http://www.mailsaurus.com" rel="nofollow noopener" target="_blank" title="http://www.mailsaurus.com">http://www.mailsaurus.com</a> IT IS A TROJAN Downloader website. Reported by Kaspersky.</p>SakeSat, 25 Oct 2008 15:06:01 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355372<p>don't forget to grab your FREE Digital Cert from comodo. (they're a trusted root CA)</p>cryptomanFri, 17 Aug 2007 13:30:55 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355371<p>The fact that email on the Internet is insecure is well known. The point is that when you're on a network that allows one to easily read network traffic, it presents an especially high risk of being intercepted by those who could take interest in you and/or cause you harm.</p><p>In other words, some trashy network admin (or fellow coffee drinker) having all your email, wherabouts, agendas, news sources, etc. is much more dangerous than having it floating randomly on the Internet.</p>Daniel MiesslerWed, 15 Aug 2007 09:19:05 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355427<p>I want to echo the comments that email without encryption is insecure, even if you use https to get it to the mail server. Once it leaves Google/Yahoo!/MSN/your ISP, it's not encrypted unless you do it yourself. Look into PGP/GPG as another comment said.</p>TimWed, 15 Aug 2007 08:37:00 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355426<p>I agree totally with your article if you use Firefox "hopefully if you use a pc" I recommend a extension that covers most of these issues plus Google analytics: <a href="http://www.customizegoogle.com/" rel="nofollow noopener" target="_blank" title="http://www.customizegoogle.com/">http://www.customizegoogle....</a> I'm more concerned about that side of it check this out <a href="http://en.wikipedia.org/wiki/Google_Analytics" rel="nofollow noopener" target="_blank" title="http://en.wikipedia.org/wiki/Google_Analytics">http://en.wikipedia.org/wik...</a> thanks for the heads up though if I have to use IE I'll remember to take your advice.</p>ArickMon, 13 Aug 2007 15:12:09 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355425<p>Thanks for this powerful tips!</p>fropertMon, 13 Aug 2007 06:09:26 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355424<p>Thank the heavens Firefox has a way to avoid this.</p>Doug WoodallSun, 12 Aug 2007 13:12:50 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355423<p><a href="http://googlonymous.com/" rel="nofollow noopener" target="_blank" title="http://googlonymous.com/">http://googlonymous.com/</a></p><p>Google Anonymously..</p>Fred DurstSun, 12 Aug 2007 03:11:41 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355422<p>Oh, this certainly scares me. I had better consider on other alternatives if such privacy issue is going to be persist.</p>KeithSat, 11 Aug 2007 06:36:38 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355421<p>I don't think gmail does encrypt your activities if you use a standalone client requiring SSL.</p>LorenSat, 11 Aug 2007 02:55:48 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355420<p>No the POP access is crypted. It uses POP over a secure SSL connection, as https do. You can see it on the help center of Gmail.</p>MattFri, 10 Aug 2007 20:30:32 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355419<p>I use https for gmail, calendar, and picasa, but there's *no* way to do it for notebook! grrrrr...</p>WoodyFri, 10 Aug 2007 20:21:56 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355418<p>What about fetching gmail content via POP? I believe it is unencrypted too...</p>Anonny MouseFri, 10 Aug 2007 19:46:52 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355417<p>A very handy article, thanks!</p>Phil DufaultFri, 10 Aug 2007 14:08:40 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355416<p>If someone is ON your network and wants your data, you're going to need a lot more than https. There are tools that will let you view that traffic just as easily as everything else. Fortunately, most people are not that important. No one really cares about your e-mails or IMs as much as you think they do.</p>PENIXFri, 10 Aug 2007 11:53:30 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355415<p>Also, if you want to keep your search history with Google anonymous, make sure you're not logged in to your Google account (gmail, gcal, etc.) AND use either the BlackBox or Scroogle search redirectors, which anonymize your Google searches by making them from a different IP address than yours.</p>Angus S-FFri, 10 Aug 2007 11:52:06 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355414<p>Awesome! Now we need to figure out how to safeguard Google from our data!</p>XFri, 10 Aug 2007 11:45:48 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355413<p>Good advice, as far as it goes. Encrypting our data on its way to Google then decrypting it at Google mostly ensures that they get it safely, but at what point do people start getting concerned that Google has all their data? At what point do we worry that they monitor, mine, and market our data and online behavior? The same people freaking out about the government or Microsoft collecting some of our data are usually the ones who happily give it all to Google.</p><p>If Google cares about our privacy or security, they'll provide a way for us to encrypt our data when it leaves our system, to be decrypted only when we get it back on our system.</p><p>But, yes, if you really care about your privacy, encrypt your email yourself before using any email system. And do not use Google Docs or any online service for anything sensitive. Onerous task when G and Y! and MS and others make it so easy to hand everything over to them. Hard drives are cheap.</p>bill weaverFri, 10 Aug 2007 11:24:23 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355412<p>I thank you for alerting me to this.</p>10668844Fri, 10 Aug 2007 11:04:02 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355408<p>It isn't fair that you make it sound like google doesn't willingly permit this use of their services. You assume they revert to non-https because it is easier on their servers. I think your off there, and your off on making it sound like this a hack, rather than a published alternate method.</p>EvanCarrollFri, 10 Aug 2007 10:21:55 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355407<p>In Windows XP I keep a shortcut in my quick launch folder, for easy clickin'. I use this because the gmail notifier launches in unsecured http:// mode and there's no way I've found to change it.</p><p>Target:<br>"C:\Program Files\Mozilla Firefox\firefox.exe" "<a href="https://mail.google.com" rel="nofollow noopener" target="_blank" title="https://mail.google.com">https://mail.google.com</a>"</p><p>Start in:<br>"C:\program files\mozilla firefox"</p><p>Icon:<br><a href="http://mail.google.com/favicon.ico" rel="nofollow noopener" target="_blank" title="http://mail.google.com/favicon.ico">http://mail.google.com/favi...</a></p>JJFri, 10 Aug 2007 10:18:01 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355406<p>how can i download this tool tcdump? what is its system requirements? please reply thanks...</p>fcukbeatFri, 10 Aug 2007 10:08:56 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355410<p>&gt;&gt; Using anything online is like shouting “Fire” at a friend while you’re both alone in a bathroom in a theater.</p><p>&gt;is this an american thing?</p><p>Yes. It is an American thing. It's a funny turn of phrase if you know the background. There was a major freedom of speech case that was decided by the U.S. Supreme Court years ago in which a very learned justice said that freedom of speech doesn't mean you can yell "fire" in a crowded theater.</p><p>So, I assume lofi means: using encryption for communication about illegal things on line ("shouting 'Fire'") is still illegal, but one step removed from public speech ("in the bathroom in a theater.")</p>JonasFri, 10 Aug 2007 09:44:51 -0000http://dmiessler.com/blog/why-you-should-encrypt-all-of-your-google-activities-poc#comment-4355411<p>Good trick to explain the problem! With GMAIL we have a possible solution using HTTPS, but what shall we do with other mail providers? That secure protocol isn't always available...</p>Maurizio ColleluoriFri, 10 Aug 2007 09:44:05 -0000