Google just made Gmail the most secure email provider on the planet

Last year, hackers working for the Russian government tricked John Podesta, one of Hillary Clinton’s top advisers, to give out his Gmail password. Months later, his private emails started to appear on WikiLeaks. The rest, as they say, is history.

There is no way of knowing how much the coverage of the “Podesta Leaks”, as Julian Assange dubbed them, influenced the election. But they certainly captured media and voter attention for weeks. Now Google is launching a new feature to prevent such attacks on Podesta, or at least make them much harder to eliminate.

Read more: The motherboard guide to not getting hacked

Anyone with a Gmail account can now activate what the company calls “Advanced Protection,” a set of features that make it harder for your Google Account to be hacked. These are aimed specifically at “high risk” users, as google says. These are political campaign staff, activists, journalists or people in abusive relationships.

The main security benefit is the need for a key or token to log in as a second factor, instead of a code sent via text or app. This is much better because there is no way for hackers to steal or phish this remote key (there have been isolated incidents of hackers using social engineering to gain access to the cell phone number from someone by asking the supplier to issue a new sim cardfor example).

With these new features, Gmail is now the most secure email provider available on the internet if you’re worried about hackers breaking into your private correspondence.

“This is a major step in the right direction in providing the same kind of protection that high profile people have for everyday people,” Kenneth White, a Washington DC-based security consultant to agencies, told Motherboard. federal. “They really thought about it, and while it might not make sense for everyone, for those who need it, it’s a much-needed option.”

Of course, with strong security comes trade-offs.

First, you will need two security keys to access your account. One for your computer and one Bluetooth-enabled for your cell phones and tablets. Keys suggested by Google cost a total of $43.

“An attacker who doesn’t have your security key is automatically blocked, even if they have your password,” Google writes.

Also, if you enable advanced protection, only Google apps will be able to access your account. This may be a response to an incident that occurred in May, when someone created a rogue app that looks like Google Docs and tricked hundreds of thousands of people into granting him full access to their Gmail accounts. This can be a drawback because many apps use Google data (for example, if you’re using a third-party calendar app that takes data from Google Calendar).

Finally, if you enable the new security features, it will be more difficult to reset your password in case you lose access to your account. But if you’re the target of government hackers or sophisticated hackers, these tradeoffs are certainly worth it.

Do you have any advice? You can contact this reporter securely on Signal at +1 917 257 1382, OTR chat at lorenzo@jabber.ccc.de, or email lorenzo@motherboard.tv

Get six of our favorite Motherboard stories every day by subscribing to our newsletter.


Source link

June J. Lopez