Juha Saarinen




Google and Microsoft slacking off

, posted: 29-Jun-2010 11:20

I use Gmail a lot and earn Google advertising revenue in the process - which is fine in principle. However, while I appreciate the generally good and reliable service Google provides, I am starting to see a few lingering issues with Gmail that just don't seem to get fixed.

The first one is mixing HTTP when you have set Gmail to be served over HTTPS only. I do this in the hope of staying at least somewhat safe when I'm using untrusted networks here and overseas, so it's not great to see Chrome tell you that:

gmailfail3

. . . I'm not using an encrypted connection even though I asked for one. It's been like this for a long, long time, unfortunately, and I wish Google would sort it out.

Providing content over HTTPS seems problematic for Google, clearly. Its home page Gmail gadget stops working if you enable HTTPS:

gmailfail2

That error message should read "information is permanently unavailable."

To be fair to Google, other providers such as Microsoft don't seem to be able to do HTTPs fully either. If you ask Hotmail to give you enhanced security or SSL, it does so, but only for the login. After login is completed, you get the Windows Live site and Hotmail in plain ole HTTP. Without warning, I should add. Sure, having the login page SSL protected helps some, but why not go the whole hog here, Microsoft?

Finally, Google's anti-virus protection for Gmail attachments is undoubtedly a useful feature, but it seems to die more often than not:

gmailfail1

I highlighted that warning message, because it's not actually that easy to spot for users. There's also no setting to prevent non-scanned attachments from being opened.

"Could do better."

 

Permalink to Google and Microsoft slacking off | Add a comment (3 comments) | Main Index



Comment by daniel James, on 29-Jun-2010 14:55

hmm google needs to deal with this soon. very problemmatic

Comment by nic.wise, on 29-Jun-2010 22:09

interesting, I use gmail apps via ssl, and it works fine - except when it doesn't. I get a certificate error maybe once a month, or once every 2 months. Then it goes away again.

Maybe the UK servers dont do SSL properly or something? 

Comment by Linuxluver, on 29-Jun-2010 22:11

Reading the Gmail help on this feature doesn't clarify the scope of HTTPS use. They say clearly that they use https to authenticate login if you choose this setting. On another page, they talk about safe logins. 

So when they use the word "always" are they referring to always logging in with https? Or are they saying they use https for all traffic at all times?

There are suggestions in both directions....but nothing explicitly defining it as one or the other.  

Another blurry patch now arises where I thought I knew something. Thanks, Juha. :-)   

Add a comment

Please note: comments that are inappropriate or promotional in nature will be deleted. E-mail addresses are not displayed, but you must enter a valid e-mail address to confirm your comments.

Your name:

Your e-mail:

Your webpage:



Writing


Google News search

Wired

Guardian

IT News

PC World New Zealand

Computerworld NZ

PC World and Computerworld Australia

PC World US

Computerworld US

NZ Herald

Virus Bulletin

Content copyright © Juha Saarinen. If you wish to use the content of my blog on your site, please contact me for details. I'm usually happy to share my material as long as it's not for spamblogs and content farms. Please attribute with a link back to this blog. If you wish to advertise on my blog, please drop me an email to discuss the details.

Comments policy
All comments posted on this blog are the copyright and responsibility of the submitters in question. Comments commercial and promotional in nature are not allowed. Please ensure that your comments are on topic and refrain from making personal remarks.









This blog is hosted by Geekzone. Report this post. Contents are property and copyright of the author, or licensed. Geekzone®