![]() Of course, this is the value of signing your messages - it becomes much easier to detect such alterations between what was sent and what was received. Cryptographically signed messages, such as those using PGP or GPG, are broken by the tool as the content of the email body is modified in the process, the message no longer checks out with respect to the original signature. It allows the search giant to further extend its tendrils of click tracking into even private email conversations. Forcing users to head to a Google server to view the original URL they were sent is to many an egregious breach of privacy, and a security concern to boot. For many though, this explanation doesn’t pass muster. The stated aim is to prevent phishing, with Google’s redirect service including a link checker to warn users who are traveling to potentially dangerous sites. Reaching out to Google for comment, we were directed to their help page on the topic. However, a source claiming to work for Google confirmed that the new feature is being rolled out to G Suite customers, and can be switched off if so desired. The security implications are serious enough that many doubted the initial story, suspecting that the editing was only happening within the Gmail app or through the web client. This means that even those using external clients to fetch email over IMAP are affected, with no way to access the original raw email they were sent. This involves actually editing the body of the email before it reaches the user. Top, the original email, bottom, what was received.įor a subset of users, it appears Google is modifying URLs in the body of emails to instead go through their own link-checking and redirect service. Security Matters A test email sent to verify the edits made by Google’s servers. This change appears to make it impossible for IMAP users to see the original email without logging into the web interface, it breaks verification of the cryptographic signatures, and it came as a surprise. ![]() Google is one of the world’s largest e-mail providers, both with its consumer-targeted Gmail product as well as G Suite for business customers is a user of the latter, and was surprised to find that URLs in incoming emails were being modified by the service when fetched via the Internet Message Access Protocol (IMAP) used by external email readers. Crucial to the smooth operation of businesses worldwide, it’s prized for its reliability. Despite the popularity of social media, for communication that actually matters, e-mail reigns supreme.
0 Comments
Leave a Reply. |