Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: newbie question

From: "Bora Dal" <boradal () gmail com>
Date: Wed, 6 Sep 2006 09:59:12 +0300
 I think GMail uses SSL (https://....) by default; it certainly
supports it.  If you can connect directly to Google, that's probably
good enough.


Gmail does not use SSL in all phases of the your "mail experience". If
you take a look, SSL is used just in the initial login phase, sending
your credentials with SSL. The rest of the communication takes place
without the cover of encryption.

In my opinion the safest gmail use is done through enabling POP3 and
SMTP with "delete the mail from gmail mailbox after its retrieved
option" set. The mail dropped into the local mailbox should be
secured, ofcourse thats another story :)

Regards,

Bora Dal, CISSP, CISA

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: