Google, Yahoo Partner to Create Encrypted Email System
Rivals Google and Yahoo are pairing up to develop a secured email service by 2015, that could make it impossible for hackers or even the government to read users' messages.
With Google [http://www.escapistmagazine.com/news/view/136677-Russian-Hackers-Have-Stolen-Over-A-Billion-Internet-Passwords]states it has over 42.5 million unique Gmail users, with Yahoo sitting at over 110 million. Yahoo and Google say this encryption tool will be an optional feature that users will have to enable, and it will rely on a version of PGP encryption, which is a long-tested way of scrambling data that has yet to be cracked. It also won't be like traditional webmail services that rely on tech firms in holding passwords and usernames for user accounts, as PGP relies on consumer accounts having their own encryption key stored on their laptops, smartphones, tablets and other devices.
However, before you toggle this on the moment it becomes available, it won't be that easy to use, unfortunately. For starters, you cannot forget your password as there's no "password reset" feature; and users will have to go through several steps using less-than-desirable (read: clunky) software just to send short email messages. Christopher Soghoian, security and privacy researcher at the American Civil Liberties Union claims, "How do you get children to eat their spinach?...PGP is even less tasty than spinach." Soghoian adds that both Google and Yahoo are taking steps to make the technology easier to use for normal users.
In a Black Hat security conference held last week, Yahoo chief information security officer Alex Stamos says that Yahoo has to explain to users how PGP works, and that it isn't the one-stop cure for privacy issues. One example Stamos has given is that while it encrypts the contents of emails, it wont' provide encryption on who sends and receives the messages or the subject line. "We have to make it to clear to people it is not secret you're emailing your priest...But the content of what you're emailing him is secret," Stamos notes.
Possibly the most intriguing aspect of it (aside from protecting emails from hackers) is bandied by Bruce Schneier, longtime cybersecurity researcher and chief technology officer at Co3 Systems, when he said: "What's going to happen when the FBI goes to Google or Yahoo and says, 'I want the email from this guy,' and Google or Yahoo says, 'We can't give it to you?'"
Are you willing to adapt Google and Yahoo's new email system [http://www.escapistmagazine.com/tag/view/email?from_search=1] to protect your privacy? Or will this new encryption method just make it easier for people with bad intentions to communicate without being caught?
Source: The Australian [http://www.theaustralian.com.au/business/wall-street-journal/yahoo-google-partner-to-create-encrypted-email-system-by-2015/story-fnay3ubk-1227017941677?nk=079216bda1e207c72f5fa524d15ed018]
Permalink
Rivals Google and Yahoo are pairing up to develop a secured email service by 2015, that could make it impossible for hackers or even the government to read users' messages.
With Google [http://www.escapistmagazine.com/news/view/136677-Russian-Hackers-Have-Stolen-Over-A-Billion-Internet-Passwords]states it has over 42.5 million unique Gmail users, with Yahoo sitting at over 110 million. Yahoo and Google say this encryption tool will be an optional feature that users will have to enable, and it will rely on a version of PGP encryption, which is a long-tested way of scrambling data that has yet to be cracked. It also won't be like traditional webmail services that rely on tech firms in holding passwords and usernames for user accounts, as PGP relies on consumer accounts having their own encryption key stored on their laptops, smartphones, tablets and other devices.
However, before you toggle this on the moment it becomes available, it won't be that easy to use, unfortunately. For starters, you cannot forget your password as there's no "password reset" feature; and users will have to go through several steps using less-than-desirable (read: clunky) software just to send short email messages. Christopher Soghoian, security and privacy researcher at the American Civil Liberties Union claims, "How do you get children to eat their spinach?...PGP is even less tasty than spinach." Soghoian adds that both Google and Yahoo are taking steps to make the technology easier to use for normal users.
In a Black Hat security conference held last week, Yahoo chief information security officer Alex Stamos says that Yahoo has to explain to users how PGP works, and that it isn't the one-stop cure for privacy issues. One example Stamos has given is that while it encrypts the contents of emails, it wont' provide encryption on who sends and receives the messages or the subject line. "We have to make it to clear to people it is not secret you're emailing your priest...But the content of what you're emailing him is secret," Stamos notes.
Possibly the most intriguing aspect of it (aside from protecting emails from hackers) is bandied by Bruce Schneier, longtime cybersecurity researcher and chief technology officer at Co3 Systems, when he said: "What's going to happen when the FBI goes to Google or Yahoo and says, 'I want the email from this guy,' and Google or Yahoo says, 'We can't give it to you?'"
Are you willing to adapt Google and Yahoo's new email system [http://www.escapistmagazine.com/tag/view/email?from_search=1] to protect your privacy? Or will this new encryption method just make it easier for people with bad intentions to communicate without being caught?
Source: The Australian [http://www.theaustralian.com.au/business/wall-street-journal/yahoo-google-partner-to-create-encrypted-email-system-by-2015/story-fnay3ubk-1227017941677?nk=079216bda1e207c72f5fa524d15ed018]
Permalink
