Sign in / up

back to article Google IMAP losing old security protocols this month

Google's ongoing elimination of the antediluvian SSLv3 and RC4 protocols is taking another step on June 16. From that date, Gmail's IMAP and POP services will join its SMTP services in rejecting connections using those protocols. Recognising, perhaps, that not everybody's been paying attention, Mountain View is giving users …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. streaky
    Big Brother

    :smugface:

    Those of us who are competent realised this was a thing a long time ago, just saying.

    Sorting it out on mail protocols at least as important as HTTP - but a lot of people take what Google do as best practice (it definitely isn't) so maybe it'll help a bit in the general population.

    1 4 Reply
  2. Anonymous Coward
    Anonymous Coward

    .. and yet ..

    .. they still support POP.

    Oh well.

    1 1 Reply
    1. TeeCee Gold badge
      Reply Icon
      WTF?

      Re: .. and yet ..

      They probably don't really. Everything I've looked at recently that allegedly "supports POP" tends to reveal that everything's still there on the server after download[1].

      Real POP has an advantage. No data-scarfing bunch of bastards get to hang on to your mail longer than is absolutely necessary.

      [1] Connect to the same service and mailbox with an IMAP client and it's all magically still there, despite having been through the download 'n delete POP process.

      1 3 Reply

    2. This post has been deleted by its author

  3. Anonymous Coward
    Anonymous Coward

    They probably don't really. Everything I've looked at recently that allegedly "supports POP" tends to reveal that everything's still there on the server after download.

    What is their business again? Oh yes, data gathering. QED.

    2 0 Reply

  4. This post has been deleted by its author

  5. choleric

    Curmudgeonly comment

    Headline and first line of the article run rather roughshod over the technical terms don't they? SSLv3 may be a protocol but RC4 is most definitely a cipher; the clue is in the name: "Rivest Cipher 4".

    0 0 Reply
  6. Michael Kean

    Outlook Express?

    Hmmm.

    I still have a few customers on Outlook Express because they don't like change. I guess I'll have to forward their email to another address so they can POP it from there.

    0 0 Reply
    1. Tomato42
      Reply Icon
      Facepalm

      Re: Outlook Express?

      I can't even begin to imagine to how many known exploits it is vulnerable now.

      Please, drag them into the 2000's, even if they kick and scream.

      0 0 Reply
  7. K.o.R
    Boffin

    So does this mean I will just have to change the option in Outlook 2016 from SSL to TLS (as it is on the SMTP side already), or is this going to break something?

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like