Force Gmail to Always Use Secure Connection

迫使Gmail用安全链接打开

from Google Operating System by Ionut Alex Chitu

Gmail rolls out a new option that lets you set the https version as default. If you go to the Settings and select "always use https", Gmail will automatically redirect to the secure version. Until now, you had to manually type https://mail.google.com in the address bar, bookmark the address or use a Greasemonkey script.
Gmail刚推出一想选项，你可以把https 版本设置成默认。如果你到设置里面选择总是使用https Gmail在打开的时候会自动转到安全页面上。直到现在你还必须在地址栏里手工输入https://mail.google.com，把这个地址添加到数千里或者是使用Greasemonkey 脚本来实现。


"If you sign in to Gmail via a non-secure Internet connection, like a public wireless or non-encrypted network, your Google account may be more vulnerable to hijacking. Non-secure networks make it easier for someone to impersonate you and gain full access to your Google account, including any sensitive data it may contain like bank statements or online log-in credentials. We recommend selecting the 'Always use https' option in Gmail any time your network may be non-secure," explains Google.
“如果你在不安全的网络环境下登陆Gmail，比如在公共无线网络里或者没有加密的网络里，你的Gmai帐号可能会被劫持。在不安全的网络里别人可以更容易假装成你本人看到你的Google帐户，比如银行的信息或者在线登陆证书等。我们建议在你使用的网络不安全的情况下选择总是使用https的Gmail设置选项。”
Read, for example, David Pogue's post about Wi-Fi eavesdropping. "All Jon needed [to read my mail] was a packet sniffing program; such software is free and widely available. (He used a Mac program called Eavesdrop.) It sniffs the airwaves and displays whatever data it finds being transmitted in the public hot spot."
比如看看David Pogue关于无线网络窃听的帖子。“要看我的邮件Jon 需要的只是一个数据包嗅探工具；这种免费的软件网上多的是。（他用的是一款称作Eavesdrop的Mac软件。）它会修谈到无限信号并且会显示找到的任何在公共无线网络里传输的数据。”
Https is typically used for sites that deal with sensitive data, so you'll see it when you authenticate to sites like Google or Facebook and when you use your mobile banking account, PayPal, Google AdWords and a handful of similar sites. The benefit is that the connection between your browser and the remote servers is encrypted and nobody could capture the sensitive data.
Https 一般被用来处理比较敏感的数据，你在Google或者是Facebook验证身份的时候会看到HTTPS，你使用移动银行的帐号的时候，PayPal，Google AdWords和一些类似网站的时候也会看到。好处是你的浏览器和服务器质检的链接是加密过的，没有人可以获取到敏感的数据。
"We use https to protect your password every time you log into Gmail, but we don't use https once you're in your mail unless you ask for it (by visiting https://mail.google.com rather than http://mail.google.com). Why not? Because the downside is that https can make your mail slower. Your computer has to do extra work to decrypt all that data, and encrypted data doesn't travel across the internet as efficiently as unencrypted data," says the Gmail blog.
“每次你登陆Gmail的时候我们使用HTTPS保护你的密码，但是一旦你进入了Gmail我们就不再使用HTTPS了，除非你自己需要（通过访问https://mail.google.com而不是http://mail.google.com）。为什么又不用了呢？因为https不好的地方是会使你的邮件变慢。你的电脑也要多做不少解密的工作，并且加密过的数去在网上的传播不如没有加密的数据有效。”
In addition to the worse performance, Google also mentions that the mobile application could show errors if you don't enable 'Always use secure network connections (slower performance)' in the app's settings section. If you use Firefox, don't forget to disable the Greasemonkey scripts that redirect Gmail to the secure version and to deactivate the similar option from Firefox extensions like Better Gmail and CustomizeGoogle.
除了会引起反应迟缓之外Google还提到如果不在设置里打开总是使用安全链接（更慢的反应）移动设备可能会显示错误。如果你使用的是firefox不要忘了把Greasemonkey里把Gmail转到安全版本的脚本同样也需要关掉Firefox插件Better Gmail和CustomizeGoogle类似选项。
The good news is that you don't need a similar setting for other Google applications if you use the navigation bar: Google automatically links to the secure versions of Google Calendar, Google Docs, Google Reader and Google Sites. If you don't see the new option in Gmail's settings, you have to wait until Gmail enables it in your account.
好的消息是如果你使用Google的导航栏打开别的Google服务不需要类似的设置：Google会自动转到安全版本的Google Calendar，Google Docs， Google Reader and Google Sites。如果你还没有在Gmail的设置里看到这一新的选项你要等等看了，等Google在你的账户里也打开这一选项。