If you are a Google user – meaning Gmail, Google Docs, Google Calendar, Google Reader, etc – then you should know that by default, once you log in your sessions are typically not encrypted between your browser and the Google servers.
For some more technical information on this, check out dmiessler’s post on the subject.
He mentions using bookmarks to make force your browser to use Google’s secure connections – however I’ve noticed that occasionally depending on how you arrive to your Google services that you will switch to an unencrypted session without warning.
For that reason, If you are using Firefox and greasemonkey, I highly recommend installing the “Google Secure Pro” userscript. It automatically switches you from using http:// to https:// to ensure your data is encrypted to Google’s servers. This will increase your security greatly from using the unencrypted connections, which is good if you transfer confidential data over e-mail – like most normal people do!
