I suspect some readers burst a blood vessel on reading this title 😉 But let me explain right away why, in my opinion, GMail is worth using if you want the most secure e-mail box on the Internet, and why even people who value privacy should seriously consider choosing GMail as the lesser of two evils.
There are many mail providers, but which is the best?
I was prompted to write this article by the discussion under yesterday’s text about the ID card scam and BLIK (by the way, Mrs. Weronika has already recovered all the money the criminal took from her). In that article we advised you to take care of the security of your mailbox, because the BLIK theft began with the takeover of a mailbox. The text says that GMail is unrivalled in terms of security.
Fortunately, the same Kenjiro then quickly realized that “that’s not an option for Kowalski.” Exactly. He’s aged ten! The problem is that most Internet users are Kowalskis, not administrators with no private life who have the time to look after their own mail server constantly: replacing broken hardware, fixing other faults and, above all, patching holes on time (not to mention that a single administrator will never match Google’s knowledge and capabilities).
Okay, but why is this GMail more secure?
Well, in order:
GMail has a dedicated 24/7 team of truly excellent engineers and security specialists who look after the service professionally. Your private mail server can only dream of such care (you have to sleep sometime, right?). In addition, Google, as a big player, learns about bugs and holes earlier than others (cf. Heartbleed), and sometimes knows about them right away, because many of the bugs that threaten the Internet are found by the company’s own employees (cf. Meltdown and Spectre). Few companies can afford to run a bug bounty like Google’s, which also has a huge impact on the security of GMail. In short, Google’s resources, staff, knowledge, contacts and capabilities can only be matched by Microsoft (decent mail, but no working support for U2F) or Apple (poor mail).
GMail knows. It knows a lot because it sees most of the e-mails circulating on the Internet. There are currently 1.5 billion active GMail accounts. That is about 20% of the people in the world (not Internet users, people!). Insight into their e-mails means that Google can quickly spot attacks and spam campaigns. That is why anti-spam works so well in this community: when an e-mail is flagged as “bad” by a certain number of users, it is automatically blocked for all users, which immediately protects one and a half billion people. Thanks to this, and with the help of heuristics and built-in antivirus engines, GMail is great at detecting suspicious e-mails and attachments. And it is the only one that clearly warns users about threats. Here are some concrete examples of why GMail rules:
A. Marking a suspicious message that has characteristics considered by others to be an “attack”
Warning when a message comes from a spoofed email address
Marking spam, even if it was redirected to inbox by sorting rules
Warning that the reply to the recipient will not be sent over an encrypted connection (so it can be eavesdropped on in transit, on the route from GMail’s servers to the recipient’s mail servers)
GMail supports two-factor authentication via U2F tokens. This is an extremely important, if not the most important, function. If you buy a U2F token and attach it to your Google account, no one – neither Russian hackers nor criminals – will be able to attack you with the most effective, cheapest and most common attack on the Internet today: phishing. Even if you reveal your password in a moment of temporary stupor or alcohol intoxication (or someone learns it from a leak elsewhere), no one who does not have your U2F token in hand will be able to log in to your account.
And no, two-step authentication via SMS, Google Authenticator or Prompt apps does not protect against phishing – a second step configured this way can be bypassed. I show how easy it is during the lecture How not to get hacked?, which is worth attending because over its 3 hours it also gives every Internet user other useful information.
Personally, I think U2F is the most important and mandatory security setting that every GMail user should enable immediately – read this article to find out why. Protonmail doesn’t have U2F support, Outlook’s doesn’t work for everyone, and Fastmail has it, but you have to pay for it.
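Why a typed one-time code can be phished while a U2F response cannot, as an added example that is not part of the original article. It is a simplified model: HMAC stands in for the token’s public-key signature, and the origins, keys and function names are constructed for illustration.

```python
import hashlib
import hmac
import json
import os
import struct

REAL_ORIGIN = "https://mail.example.com"        # constructed: the genuine login origin
LOOKALIKE_ORIGIN = "https://mail-example.test"  # constructed: a look-alike page

def totp(secret: bytes, unix_time: int, step: int = 30) -> str:
    """6-digit RFC 6238 code (HMAC-SHA1), as produced by authenticator apps."""
    digest = hmac.new(secret, struct.pack(">Q", unix_time // step), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{value % 1_000_000:06d}"

def server_accepts_code(secret: bytes, code: str, unix_time: int) -> bool:
    # The code says nothing about the page it was typed into, so the server
    # cannot tell a direct login from one that passed through another site.
    return hmac.compare_digest(totp(secret, unix_time), code)

def token_sign(key: bytes, challenge: str, origin: str) -> dict:
    """Token response. The browser, not the user, fills in the origin it is on."""
    client_data = json.dumps({"challenge": challenge, "origin": origin}, sort_keys=True)
    sig = hmac.new(key, client_data.encode(), hashlib.sha256).hexdigest()
    return {"client_data": client_data, "signature": sig}

def server_accepts_token(key: bytes, challenge: str, response: dict) -> bool:
    expected = hmac.new(key, response["client_data"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, response["signature"]):
        return False  # signed data was altered, or a different key was used
    data = json.loads(response["client_data"])
    # Reject a stale challenge or a signature produced for any other origin.
    return data["challenge"] == challenge and data["origin"] == REAL_ORIGIN

def demo(unix_time: int = 59) -> dict:
    secret, key = b"12345678901234567890", os.urandom(32)  # constructed secrets
    challenge = os.urandom(16).hex()
    sign = lambda origin: token_sign(key, challenge, origin)
    return {
        "code_typed_on_lookalike": server_accepts_code(secret, totp(secret, unix_time), unix_time),
        "token_on_real_site": server_accepts_token(key, challenge, sign(REAL_ORIGIN)),
        "token_on_lookalike": server_accepts_token(key, challenge, sign(LOOKALIKE_ORIGIN)),
    }

if __name__ == "__main__":
    print(demo())
```

The server-side origin check in `server_accepts_token` is what makes the difference: the one-time code has no equivalent field to check.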
GMail has Advanced Protection. If you enable it, you will be protected against “personalized attacks”: the U2F tokens securing your GMail account can then no longer be bypassed through “helpdesk” social engineering (cf. How Amazon helped hack Apple) or through the “forgot my password” form and answers to questions such as what your favorite color is. I recommend enabling it for all “more important” targets, i.e. journalists, celebrities – generally VIPs. You need at least 2 different U2F tokens.
After enabling “Advanced Protection”, it is worth removing the phone number from your account configuration. This will prevent a “forced” login via SMS code. If you do not disconnect the number, someone who is able to read your text messages because they have access to your computer (with which you synchronize the text messages) or obtained a duplicate of your SIM card may be able to bypass the window asking for the U2F key when logging in and will gain access to your e-mail.
Depending on how paranoid you are, you can also delete the alternate email address – but if you want to leave it, I suggest that it be an equally secure GMail account.
Google has many other security-enhancing features, such as “Confidential Mode” (i.e. encrypted and auto-deleting messages – although you should not trust that the recipient will actually delete such a message or that Google will not know its content):
There are also “Application Passwords”, a granular model of permissions/access to the Google account, access logs and a view of active sessions from various devices, but I will not dwell on them here. To go through all of them conveniently and configure them properly for yourself, it is best to click through the so-called Security Checkup.
But Google reads my emails!
 Whenever I recommend GMail to someone, I point out that while it crushes the competition in terms of security (understood as protecting the user from attacks and protecting the user from himself), Google’s approach to privacy may not appeal to everyone. And that’s the sad truth about most free services.
   If something is free, we usually pay for it with our data
GMail is no different. Google is an ad-supported company. It needs to know its users well, because this lets it develop better methods of profiling them and so match advertisements to their tastes more accurately. And the better matched the ads, the greater Google’s earnings, the happier the advertisers and the larger the advertising budgets, which again means more earnings for Google.
Example: Yes, it’s true that Google will read from the order summary email sent to your GMail that you just bought all Coma CDs. But don’t worry, it won’t blackmail you with this information and it won’t reveal this embarrassing fact to your friends. However, it will start showing you ads for other lousy pop-rock bands 😉
Google wants you to see relevant ads. And – which may come as a surprise to some of our readers – some people like to see relevant ads. They don’t mind Google “collecting” information about them and using it to match ads! They prefer tailored ads to yet another banner for potency pills or vaginal dryness. For them, GMail will definitely be a win-win choice.
Still, I think it’s important that these “GMail accepting” people know how much and what information is collected about them by Google and that they are aware of the consequences of profiling. Therefore, for those who are satisfied with GMail and will continue to use it, but do not know what data Google has about them, I have prepared the next chapter. This chapter will also be useful for those who want to use GMail but don’t want “Google spying on them”.
What does Google collect about me and how do I disable profiling?
Regardless of whether you care about what Google collects about you or not, it is worth reviewing, at least once in your life, how this company has pigeonholed you based on the data you provide to it. You can do it by going to these settings. It’s best to go through this summary view right away and click through the so-called “Privacy Checkup”.
All of these data sources that allow Google to profile you can be turned off, and you can control the profiling of ads on this page. There you will also see what categories regarding age, gender and interests Google has assigned you.