I am what you might call a little bit of a paranoid nut. I supposed it is because I'm in the I.T. industry, and have a mindset for security. Anyways, I am Gmail user. I love it, and everything about it. It was one of the first free POP3 systems to use TLS for e-mail clients as far as I know.
Anyways, when I was looking at my Gmail account today from their web interface I noticed that it defaults to http://mail.google.com and not to httpS://mail.google.com. What does that mean? You may ask. It means your e-mail is not secured. As you know, https is used for web based SSL encryption to protect your data over the web. If you are browsing to a website with only http, you don't have any encryption to protect you. That means that the "man" can monitor your e-mail traffic coming from your web browser to the web server, and that is not a good thing. Does Gmail support SSL encryption through their web interface? The answer is a resounding YES! Just browse to https://mail.google.com or https://gmail.com and login as usual.
One might argue that when they browse to mail.google.com for the first time that it does default to https. This is only true if you have not logged in. As soon as you login, you are transferred to http.
If you have any bookmarks, or links that you use to get you your gmail web interface, make sure you add the S, to make it secure :-)