Google has confirmed a number of changes to Gmail with the arrival of two new features that will let you know if the people you’re corresponding with aren’t hip with TLS encryption.
The alterations are fairly subtle: when you receive a message from, or are on the brink of sending a message to, someone using a service that doesn’t support encryption, you’ll see a broken lock in the top-right of the screen. Clicking on the icon will bring up a pop-up alert with an explanation and a warning to perhaps consider removing the offending recipient.
Likewise, if you receive a message that can’t be authenticated, you won’t be hit by klaxon alarms. Instead, Gmail will replace the sender’s profile photo with an incriminating question mark, identifying them as potentially suspicious. What you do with that information after that, of course, is entirely up to you. Despite the advent of this new warning system, Google stresses that not all affected messagesare necessarily harmful. It’s just better to practice caution.
This isn’t the first time that Google has taken a position against a lack of proper encryption. In 2014, the company announced that its search engine would be using HTTPS as a ranking signal. A year after, it revealed it would beadjusting its indexing system to look for more HTTPS websites. And then, in 2016, Paris Tabiz tweeted about preparations to call out HTTP as unsafe.
Google—which announced the latest Gmail features on “Safer Internet Day”—has also been cracking down onwebsites with fake download buttons, which is a fabulous change from the days when the company was being sued for violating anti-wiretapping and privacy laws.
SOURCE: Cassandra Khaw| Ars Technica