"Google is putting millions of users at risk of fraud from hackers and needs to enable encryption by default on its most popular web apps, including Gmail and Google Docs, a gaggle of security researchers told the search giant Tuesday in an open letter. At issue are the current default settings for Google’s popular web applications. The settings use the secure “HTTPS” protocol only for logging in, and fall back to unencrypted browsing thereafter.  If a user doesn’t know how to force Google to use HTTPS full time, he’s vulnerable to a host of nasty hack attacks when using an open or badly secured network, particularly a public Wi-Fi spot. Most of the web’s cloud computing applications leave users just as vulnerable to having their e-mail and social networking accounts hijacked, the letter admits, but the collection of security professionals is leaning on Google to take a leadership role." - Steven Perez from Bookmarklet