Google Upgrades Security on Gmail

January 14th, 2010 admin

[From Google Upgrades Security on Gmail - Gadgetwise Blog - NYTimes.com]

Google is changing the default for its web mail service, placing security above performance.

In a blog post Tuesday night, Google said it would begin using Hypertext Transfer Protocol Secure, or HTTPS, technology to encrypt all traffic carried on its free Web-based e-mail service. HTTPS is a popular Internet protocol that combines the standard HTTP Web protocol with a layer of encryption based on the SSL/TLS protocol. It is commonly used by online banking services and shopping sites to protect secret customer data from interception by Web eavesdroppers.

Gmail has always used HTTPS to encrypt login pages, and thereby defend passwords, but encryption of e-mail traffic itself has been an option that users had to select. Now, Google will move all users to HTTPS by default, arguing that the security benefits of that outweigh the slight hit to the speed of e-mail delivery that the technology imposes. The performance impediment has been steadily diminishing as an issue because computing power, the speed of individual connections and overall Internet bandwidth have all expanded.

. . .

The move to HTTPS for Gmail was praised by some privacy advocates, who expressed hope that other popular Web-based email services, like Yahoo Mail and Hotmail from Microsoft, would soon follow suit. Making HTTPS use the default for all users is important because few people take the trouble to actively turn on security features, said Jeremiah Grossman, the chief technology officer of WhiteHat Security, a Web security firm. “It’s free security. Whenever that happens, we’ll take it.”

Posted in Operating Systems | No Comments »

On Facebook, Only the Rich Have Privacy

December 21st, 2009 admin

[From multicast » Blog Archive » On Facebook, Only the Rich Have Privacy]

My co-author, Christian Sandvig, blogs on the changes in the privacy settings for Facebook. Here are his conclusions:

Facebook gets to have the appearance of consultation (after all, you “agreed” by clicking through the above screen) even though the result overall is the reduction of privacy. As is clear in the table of this dotrights.org analysis of the Facebook privacy transition, the Facebook move is all about changing the defaults. They presumably did so because more data accessibility means more visibility and value for their service.

The larger point is that facilitating “choice” is bankrupt as a societal strategy for managing difficult problems (like privacy) related to new technologies. More than anything, it’s a strategy to circumvent difficult public deliberation (in this case, about privacy) that we as a polity ought to have. Even in the case of decisions with real consequences, if individual choice is used, as we put it: “the authority of software trumps that of advice” (p. 43)… Facebook’s pre-selected default options are going to be the societal policy in this area. And that means that effective regulation requires the scrutiny of defaults. Pushing individual choice offers us false freedom and this is not good enough.

privacytoolscreencapture_0.jpg

Posted in Operating Systems | No Comments »

Firewall in Windows XP SP2

March 6th, 2008 admin

[From Windows XP SP2s Firewall Will Be in Your Face]The first version of Windows XP had the firewall turned off by default. Windows Service Pack 2 changed several defaults, including the default for the Internet Connection Firewall. This changed recognized that users don’t understand firewalls and it is best if the firewall is turned on for most users. The image below shows the new settings in Windows Service Pack 2.firewallcontpanel.gif

,

Posted in Operating Systems | Comments Off