'Google Just Made Gmail the Most Secure Email Provider on the Planet'

Google announced on Tuesday that it would offer stronger online security for "high risk" users who may be frequent targets of online attacks. The company said anyone with a personal Google account can enroll in the new "advanced protection," while noting that it will require users to "trade off a bit of convenience" for extra security. Motherboard reports: The main advantage in terms of security is the need for a key or token to log in as the second factor, instead of a code sent via SMS or via app. This is much better because there's no way for hackers to steal or phish this key from afar (there have been isolated incidents of hackers using social engineering to gain access to someone's cell phone number by getting the provider to issue a new SIM card, for instance). Thanks to these new features, Gmail is now the most secure email provider available on the internet if you are worried about hackers breaking into your private correspondence. "This is a major step in the right direction in offering the same kind of protection available to high-profile figures to everyday people," Kenneth White, a Washington D.C. based security consultant to federal agencies, told Motherboard. "They have really thought this through, and while it may not make sense for everyone, for those that need it, it's a much needed option."

For a given value of secure

Is it secure from Google?

Chrome only...

[mrsam]

I skimmed Google's write-up of their new offering, and was seriously considering looking into this. I bear no delusions of self-grandeur, or that anyone would have any reason to be interested in sorting through all the confirmation e-mails for the coffee I buy off Amazon; but I do have some key data tied up in the Googleverse, and the cost of an extra keyfob would not exactly break the bank. However, then I came to this:

Google services on the web

You will only be able to use the Chrome browser to access signed-in services like Gmail or Photos.

That breaks the deal for me, since I don't use Chrome, and it would not be convenient for me, for a few reasons. I can't really think of any valid technical reason why this results in any actual security, unless Chrome pins Google's CA; but the same thing can be done in any other browser too.

Re:Chrome only...

[darkmeridian]

No one else supports the FIDO U2F security key standard in their browser. FireFox should be getting around to it anytime now, and I believe that Opera does. But that's probably why: the valid technical reason is that no one else supports the security standard.

They did?

[JohnFen]

So they're now encrypting all the emails being stored on their servers and don't hold the key themselves?

Because if they're not doing that, then they're not anything close to "the most secure email provider on the planet".

Re:They did?

[swillden]

Mod parent up.

Without encryption on server and with law enforcement having backdoor access to Gmail, etc., this is meaningless.

Actually, Google does encrypt all of the email (and all other user data) on its servers, and even in-transit between servers in Google data centers, as well as in-transit between Google servers and your browser and (if supported by the other end) in transit between Google servers and non-Google email servers. Google encrypts all the things, all the time.

Oh, and law enforcement does not have "backdoor access", at least not the way that I would interpret the phrase. What law enforcement does have is search warrants, subpoenas and national security letters (though NSLs provide access to metadata only, not content -- not that metadata isn't very valuable). If law enforcement or other authorized agents of the courts present a valid and duly authorized document which legally compels Google to hand over your data, Google will hand over your data. If it's not correctly executed, is overly broad or has some other legal defect, Google will refuse.

If you don't like that warrants, subpoenas and NSLs can be used to access your data, either move it to a jurisdiction not subject to such rules, or take it up with your political representatives. Or switch from email to a communication protocol that was designed with end-to-end security in mind, with all of the limitations that entails (mostly, that you will have a hard time keeping old messages for a long time... and if it's really easy to use, chances are god that implies there is some entity playing a trusted role which could defeat the security).

Re:It's the same tool my identity theft plan uses

[ctilsie242]

How about FIDO U2F and the Google Authenticator ( RFC 6238 and RFC 4226)? The six digit TOTP code has been proven across many, many sites (I use it on Microsoft's, Amazon's, gmail's, and many others.)

What would be nice would be a dedicated PDA-like device with a camera for reading QR codes, a touch screen for inputting codes by hand, a charge-only USB interface, and a SD card interface for backing up the OTP seeds. The device never sees, nor cares about the Internet, and is only connected to a USB cable to get power.

The closest to this we have now is an iPod Touch.

Also breaking

[31415926535897]

In related news, the fox has made the hen house safer from outside predators. Hens everywhere are rejoicing!

Not by a long shot

[Troed]

I just switched from Gmail to ProtonMail because I wanted the most secure email provider. This little feature change by Google does nothing to change any of the important factors - one being that with ProtonMail all my emails are stored using client side encryption.

You cannot, ever, trust a US company where National Security Letters come into play.

Re: It's the same tool my identity theft plan uses

[Comboman]

The most secure system is to host it yourself, and encrypt the contents with a key you only have access to.

"Is that you Hillary?"

Sorry, my jokes are 6 months behind, I meant,"Is that you Jared?"