Posts tagged China
Google Turns on Gmail Encryption to Protect Wi-Fi Users
Jan 14th
Google is now encrypting all Gmail traffic from its servers to its users in a bid to foil sniffers who sit in cafes, eavesdropping in on traffic passing by, the company announced Wednesday.
The change comes just a day after the company announced it might pull its offices from China after discovering concerted attempts to break into Gmail accounts of human rights activists. The switch to always-on HTTPS adds more security, but does not help prevent the kind of attacks Google announced Tuesday.
All Gmail users will now default to using HTTPS, the secure, encrypted method for communicating with a remote server, for their entire e-mail sessions, not just for log-in. Session-long HTTPS has been an official option for Gmail users since 2008 (and unofficial for much longer), but Google says it hesitated turning it on for all since the encryption does slow down the service.
“Over the last few months, we’ve been researching the security/latency tradeoff and decided that turning https on for everyone was the right thing to do,” Gmail Engineering Director Sam Schillace wrote in the Gmail blog.
This option often wasn’t necessary when people used fixed and trusted connections, such as their home or office DSL or cable lines. But as Wi-Fi connections, especially public ones, became more popular, hackers began using simple sniffing software to snoop on people’s online activities with the goal of stealing passwords.
Still, the switch doesn’t encrypt e-mail — it simply encrypts the communications in transit between Google’s servers and a user’s computer — the same as when you use your bank’s website. E-mails sent to other people are transmitted in the clear as they have always been. True encrypted e-mail can only be read by the sender and receiver, regardless of how they move across the internet.
For those whose schools or workplaces routinely monitor employee or student internet usage, the change also shields their e-mails from the IT department.
A coalition of privacy and security experts called on Google publicly to make the change last June, saying that Google was putting millions of people at risk by not using encryption as the default for their cloud computing services.
Users who find the service slows them down or determine that it’s overkill for their needs can turn the HTTPS off in their account settings.
Rival free e-mail from Yahoo and Microsoft do not use HTTPS throughout their sessions, nor do social networking sites or other so-called cloud-computing services.
Instead, most of those services use the secure HTTPS protocol only for logging in, and fall back to unencrypted browsing thereafter. Failing to use HTTPS full-time increases one’s vulnerability to a host of nasty hack attacks when using an open or badly secured network, particularly a public Wi-Fi spot.
APCN2 cable cut cripples connections
Aug 15th
A cut in the Asia-Pacific Cable Network 2 (APCN2) undersea submarine cable crippled connection speeds for users in the Asia-Pacific region on Wednesday, particularly in Singapore and the Philippines.
Users were sending updates to local forums and Twitter, complaining of slow connection speeds to sites hosted outside of the region.
According to a notice sent by Malaysian telco, TM Net, the cable fault was traced to segment 7 of the APCN2, which stretches between Shantou, China and Tanshui, Taiwan. TM Net traced the outage to Typhoon Morakot, which hit the region over the weekend.
Additionally, segment 1 of the APCN2 is also currently under repair. Repairs on segment 7 are expected to commence after work on segment 1 is completed.
TM Net said the repairs are expected to be completed by late evening Aug. 13.
Singapore operator, SingTel, confirmed the cable fault in an e-mail to ZDNet Asia, saying the APCN2’s consortium members have started restoration works and are diverting Internet traffic to other cable systems. It said the situation is expected to return to “acceptable levels” within the next 24 hours.
A status update posted on InternetTrafficReport.com showed SingTel’s Singapore gateway registered a score of only 34 points, compared to the global average “health” of network connections, which was 86 points as at 3pm Singapore time on Wednesday.
The site first started registering slower response times and packet loss in Singapore at 8pm Tuesday evening.
Cable & Wireless sent ZDNet Asia a status update at 6pm, Singapore time, noting multiple cable breaks have been also detected along the EAC (East Asia Crossing) and SMW 3 (South-East-Asia, Middle-East, Western-Europe) subsea cable networks, in addition to the APCN2.
These breaks have been concentrated specifically near Taiwan, with network traffic “adversely affected in and out of the region as a result,” said the operator.
Back in 2006, the APCN2 was taken out by a powerful earthquake in Taiwan. Internet access was reportedly badly disrupted and halted in some parts of Asia after the quake.
Source: ZDNet Asia
