We believe in the long term value of Apple hardware. You should be able to use your Apple gear as long as it helps you remain productive and meets your needs, upgrading only as necessary. We want to help maximize the life of your Apple gear.
No,
Google's free email service
hasn't left beta, a status it has had since it was introduced over five
years ago.
Google has begun testing a more secure version of Gmail (Google Mail
in the UK and Germany) that uses secure, encrypted HTTP. Although Gmail
uses HTTPS when a user logs in, it uses insecure, unencrypted HTTP for
everything else. That means WiFi users are susceptible to having their
email read by hackers.
The HTTPS protocol encrypts data sent between the user's computer
and the server, which means that the WiFi data a hacker sees will be
garbled even if your WiFi connection itself isn't encrypted.
Nothing New
Google already offers HTTPS to Gmail users, but it's turned off by
default. To enable it, log into Gmail using your favorite browser,
click on the Settings link, and scroll to the bottom of the
page. I did that with my oldest Gmail account this morning, even though
I connect via ethernet instead of WiFi.
Tell Gmail to always use HTTPS.
What is new is that Google will be testing the secure connection for
a sampling of users who haven't selected it. Google will be
performance testing HTTPS to see if service remains fast enough or
degrades under the additional overhead imposed by encrypting the data
and verifying a secure connection.
Depending on the results, Google could move more users to HTTPS
transparently over time, eventually making it Gmail's default
behavior.
Until then, if you ever access Gmail via unencrypted WiFi, I suggest
you make sure your account is set to always use HTTPS.
Less Secure
Jeremiah Grossman, chief technology officer at White Hat Security,
says that Google is already way ahead of Yahoo and Microsoft, which
don't offer HTTPS to their free email users.
Interestingly, Google Docs, Google's free cloud-based word
processing and spreadsheet service, and Google Calendar use an
unsecured HTTP connection by default and don't offer users the option
of always using HTTPS. However, users concerned for security can access
these services securely by typing https:// rather than
http:// when connecting to Google's servers.
Some Glitches
Using secure Gmail isn't without some
drawbacks. In addition to more system overhead due to encryption and
decryption, some services are currently incompatible with Gmail via
HTTPS:
If you use iGoogle, a
personalized Google page, the Gmail gadget won't work.
If you use Gmail
Notifier with Windows, you need to update the program to work with
HTTPS.
If you use Gmail Mobile
versions prior to 1.5, you may experience errors. With version 1.5 or
later, you'll need to enable
the "Always use secure network connections (slower performance)"
option.
If you use Google
Toolbar in your browser (Internet Explorer and Firefox only), you
may experience 404 errors. The only solution at present is to not use
HTTPS.
My advice is that if you're using Gmail over an unencrypted WiFi
connection, you enable HTTPS to protect yourself. Without that
protection, it's possible that a hacker could gain full access to your
Gmail account.
My Love/Hate Relationship with Gmail
I cut my online teeth a long, long time ago using America On-Line
with an SE/30 at work
(ComputerLand of Grand Rapids) and a Mac Plus at home. Once I got a
"real" Internet account (circa 1996/97), I started using Yahoo Mail - and I still use it for my
personal email. I really like the way Yahoo Mail works, although the
service has its drawbacks: It can be slow on older hardware, there's no
free POP3 access, there's not HTTPS option, and it does a lousy job
filtering spam - you get both false positives and false negatives.
Still, I'm comfortable with it. I will, however, be more careful when
using it via WiFi.
I've been a Gmail user since the first year it was available, and I
love its speed, storage space, excellent spam filtering (in my
experience, over 99.9% of what goes into the Spam folder is
spam, and less than 1% of the mail in the inbox is spam). Gmail has
powerful search capabilities, which you'd expect from Google, and it
offers free POP3 and IMAP access, so you can use it with your favorite
email client.
For all that, Gmail has one feature I don't like and wish I could
disable - even temporarily. Gmail only displays messages in threaded or
"conversation" mode that collapses emails you've already read. That's
just fine most of the time, but it can get horribly messy when several
people are responding to a posting on Google Groups, for instance.
Although it is possible to delete individual messages from a thread,
you don't do it using the Delete button. Instead, you have to
expand the message (if it's been read and collapsed), click on the
triangle next to the Reply button, and choose Delete this
message. Not intuitive or user friendly.
One solution is to use Gmail with a real email client, such as the
Mail app that comes with Mac OS X (which, by the way, can access
multiple Gmail accounts at once using POP3 or Gmail). That eliminates
the headaches of threaded mode, but it would be nicer if Gmail had the
option of sorting messages (not just conversations) by date. And that's
really the only thing I hate about Gmail.
If you're not a Gmail user, consider it. It's fast. It's free. It's
huge (7.8 GB of storage space at present). It's easy to learn. It does
a great job filtering spam. There's a Basic HTML view for older
hardware. And, as if all of that wasn't enough, you can use it with
your favorite email client.
And now you know how to make sure it's secure no matter how you
connect to the Internet.
Dan Knight has been using Macs since 1986,
sold Macs for several years, supported them for many more years, and
has been publishing Low End Mac since April 1997. If you find Dan's articles helpful, please consider making a donation to his tip jar.
Links for the Day
Mac of the Day: Power Mac 6100, introduced 1994.03.14. The entry-level first generation Power Mac had a 60 MHz PowerPC.
No,
