I’ve noticed in the past that gmail isn’t secure by default – the initial signon is secured with ssl but then you go back to standard web pages, and therefore open for sniffing. This has prevented me from checking my mail in certain places as I’ve no idea what else is on the network. However, if you go to https://gmail.google.com to sign on, then your ensuing gmail traffic is still encrypted.
Comments
I think that might depend on browser. I’m pretty sure I would just type in gmail.google.com, and, in Firefox at any rate, I was automatically connected as https.