Printed from

Yahoo to implement end-to-end email encryption some time in 2015

updated 02:00 pm EDT, Sun August 10, 2014

CISO states security coming via a fork of Google's end-to-end encryption extension

Yahoo's Chief Information Security Officer Alex Stamos told Black Hat online security conference attendees last week that the search company would be rolling out end-to-end encryption for email some time in 2015. The company is taking a similar approach to Google to tackle enhanced security issues for communications, even down to the details of using OpenPGP.

The news was tweeted from the conference by Yan Zhu, a former employee of the Electronic Frontier Foundation known for working on Privacy Badger, and who was one of the first hires by Yahoo for its privacy engineering team. The Yahoo encryption appears not only to be similar to what Google is planning with its Chrome extension, but a fork of the project.

Stamos confirmed in the tweet stream that Yahoo is using a version that's compatible with the Yahoo front end. He adds that the mobile app will have a native encryption, while web-based users should be following the same extension approach as Google. Drew Hintz, a security engineer for Google, confirmed that it's the same end-to-end encryption from Google. Yahoo will be working with Google to make its encryption compatible with Gmail.

It appears that Yahoo will be requesting the aid of the community to help improve the service later on, as Stamos said that the code will be released in the fall. The goal is to have security-minded users help improve the experience as well as locate bugs. A Yahoo spokeswoman told CNet that the no other providers were on board so far, but because of the open nature Yahoo hopes others will adopt it.

Yahoo announced last year that it would be it encrypting all transmissions through data center links as a way to prevent information from being accessed by outside parties, including government agencies like the National Security Agency. The company also stated that it would put 2048-bit SSL encryption into place for Yahoo Mail users by January this year, but later added it would extend to all Yahoo products.

By adding Yahoo to the likes of Google, the movement for the use of encryption for everyday users could gain more traction. For many, end-to-end encryption through Pretty Good Privacy (PGP) can be considered too complex to use. However, the complications come from ease of use, as well as proper education. In a time where some companies are struggling to implement any form of mail encryption in transit, the move is a welcome one by Yahoo.

By Electronista Staff
Post tools:




Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines


Most Popular


Recent Reviews

IDrive cloud backup and sync service

There are a lot of cloud services out there, and nearly all of them can be used for backing up key files and folders. A few dedicated ...

Asus Chromebook C300

When Chromebooks hit the market back in 2011, consumers didn't know what to do with them. The low-cost laptops, powered by Google's Ch ...

Plantronics BackBeat Pro Bluetooth headphones

Looking for a pair of headphones that can do everything a user requires is a task that can take some study. Trying to decide on in-ear ...



Most Commented


Popular News