Partial Encryption on Gmail?
This started popping up today (click to embiggen):
So, what is a normal user supposed to do with the warning that "parts of the page" were not encrypted? Seems that if you, the user, were counting on your Gmail contents being secret (maybe you're reading Gmail in the same room as Robert Graham), and you get this big red warning on your location bar, it's either a) too late to do anything about it, or b) not enough information to act on moving forward.
Poking around a little bit on the certificate details, I can't tell which parts of my Gmail session are now suddenly non-encrypted. If it's just the images of the buttons or some other UI element, then, well, I really don't care. But, if it's the contents of my love letters from my secret paramour, then I might care a lot.
SSL is supposed to provide two things -- certainty that you're talking to the computer you think you're talking to, and certainty that third parties can't read the communication.
This warning throws both certainties out the window.
(It's even more troubling because I, unlike typical users, actually go out of my way to SSL-ify my Gmail sessions with a GreaseMonkey trick to redirect everything from http://mail.google.com to https://mail.google.com -- so even if I accidentally start reading in the clear, I'll get kicked back to SSL toot-sweet.)
At any rate -- if there's a good means to determine what happened here post-facto, I'd appreciate knowing about it -- not just on Gmail, but anywhere. I have no idea why this started happing today at Gmail; I assume there's some fancy new Web 2.0 thingy on Gmail that's not behaving correctly.
So, what is a normal user supposed to do with the warning that "parts of the page" were not encrypted? Seems that if you, the user, were counting on your Gmail contents being secret (maybe you're reading Gmail in the same room as Robert Graham), and you get this big red warning on your location bar, it's either a) too late to do anything about it, or b) not enough information to act on moving forward.
Poking around a little bit on the certificate details, I can't tell which parts of my Gmail session are now suddenly non-encrypted. If it's just the images of the buttons or some other UI element, then, well, I really don't care. But, if it's the contents of my love letters from my secret paramour, then I might care a lot.
SSL is supposed to provide two things -- certainty that you're talking to the computer you think you're talking to, and certainty that third parties can't read the communication.
This warning throws both certainties out the window.
(It's even more troubling because I, unlike typical users, actually go out of my way to SSL-ify my Gmail sessions with a GreaseMonkey trick to redirect everything from http://mail.google.com to https://mail.google.com -- so even if I accidentally start reading in the clear, I'll get kicked back to SSL toot-sweet.)
At any rate -- if there's a good means to determine what happened here post-facto, I'd appreciate knowing about it -- not just on Gmail, but anywhere. I have no idea why this started happing today at Gmail; I assume there's some fancy new Web 2.0 thingy on Gmail that's not behaving correctly.
Labels: ssl firefox gmail
posted by todb at 10:20 AM
2 Comments:
Did you ask Google about this through there support system? I'm not of aware of any general solution to figure out what the "partial" message means.
Found it! At least, one of the culprits for this maddening behavior.
On this page:
https://mail.google.com/support/bin/answer.py?ctx=gmail&hl=en&answer=34331
There's one of these:
[img src="http://groups.google.com/groups/img/3nb/groups_bar.gif"
height=26 width=132 alt="Google Groups"]
This is causing my location bar to turn red with fury.
Now, to get firefox to notice and do something useful when this happens. Looks like a job for Greasemonkey.
Post a Comment
Links to this post:
Create a Link
<< Home