Internet giant Google has hit back at criticisms from computer scientists and security experts that its online apps have security flaws.
“Google’s default settings put customers at risk unnecessarily,” an open letter from the group of experts said.
“Google’s services protect customers’ usernames and passwords from interception and theft. However, when a user composes email, documents, spreadsheets, presentations and calendar plans, this potentially sensitive content is transferred to Google’s servers in the clear, allowing anyone with the right tools to steal that information.”
In less than 24 hours after the letter was received, Google responded by posting on its security blog that it will promise to introduce new security features as quickly as possible.
“We’re planning a trial in which we’ll move small samples of different types of Gmail users to HTTPS to see what their experience is, and whether it affects the performance of their email,” wrote Alma Whitten, a software engineer in Google’s security division.
“Unless there are negative effects on the user experience or it’s otherwise impractical, we intend to turn on HTTPS by default more broadly, hopefully for all Gmail users. We’re also considering how to make this work best for other apps including Google Docs and Google Calendar.”
ABOUT THE AUTHOR
COMMENTS
SmartCompany is committed to hosting lively discussions. Help us keep the conversation useful, interesting and welcoming. We aim to publish comments quickly in the interest of promoting robust conversation, but we’re a small team and we deploy filters to protect against legal risk. Occasionally your comment may be held up while it is being reviewed, but we’re working as fast as we can to keep the conversation rolling.
The SmartCompany comment section is members-only content. Please subscribe to leave a comment.
The SmartCompany comment section is members-only content. Please login to leave a comment.