Gmail Notifier Unincrypted

By DarrenS. ·
I received this email from an exec.
Although I have a number of responses in mind(aside from basic "not supported by this IT department"), I'd also like to include whether his source is fact/fiction.
I posted on gmail groups, but have not heard back. Perhaps one of you would like to share your thoughts.

"Secure Gmail Notifier using hidden preference setting
Mon, Jul 9 '07 at 7:30AM PDT ? Submitted by Anonymous Apps
I was shocked to discover that the Gmail Notifier, as distributed by Google, defaults to sending your Gmail password over the network in clear text every time it checks your inbox for new mail. This is incredibly insecure, especially since Google has plenty of smart people who now how to secure internet communication. They have the capability to enable secure communication as proven by the ability to access Gmail entirely over HTTPS (by using as the entry point). As it turns out, there is an easy "hack" for Mac users to switch Gmail notifier to HTTPS as well:

Pull down the Notifier menu (either Calendar or Gmail), hold down Command and Option, and click Preferences on the menu. You?ll see a hidden settings editor. Enter SecureAlways in the Key field (upper and lower case must be entered as shown) and 1 in the Value field, then click Set. Quit Notifier and start it up again. From now on, all connections with both Gmail & Gcal will be https. Thanks to this comment on the O'Reilly blogs for this trick!

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Share your knowledge

Related Discussions

Related Forums