Printed from http://www.electronista.com

Yahoo to implement end-to-end email encryption some time in 2015

updated 02:00 pm EDT, Sun August 10, 2014

CISO states security coming via a fork of Google's end-to-end encryption extension

Yahoo's Chief Information Security Officer Alex Stamos told Black Hat online security conference attendees last week that the search company would be rolling out end-to-end encryption for email some time in 2015. The company is taking a similar approach to Google to tackle enhanced security issues for communications, even down to the details of using OpenPGP.

The news was tweeted from the conference by Yan Zhu, a former employee of the Electronic Frontier Foundation known for working on Privacy Badger, and who was one of the first hires by Yahoo for its privacy engineering team. The Yahoo encryption appears not only to be similar to what Google is planning with its Chrome extension, but a fork of the project.



Stamos confirmed in the tweet stream that Yahoo is using a version that's compatible with the Yahoo front end. He adds that the mobile app will have a native encryption, while web-based users should be following the same extension approach as Google. Drew Hintz, a security engineer for Google, confirmed that it's the same end-to-end encryption from Google. Yahoo will be working with Google to make its encryption compatible with Gmail.

It appears that Yahoo will be requesting the aid of the community to help improve the service later on, as Stamos said that the code will be released in the fall. The goal is to have security-minded users help improve the experience as well as locate bugs. A Yahoo spokeswoman told CNet that the no other providers were on board so far, but because of the open nature Yahoo hopes others will adopt it.

Yahoo announced last year that it would be it encrypting all transmissions through data center links as a way to prevent information from being accessed by outside parties, including government agencies like the National Security Agency. The company also stated that it would put 2048-bit SSL encryption into place for Yahoo Mail users by January this year, but later added it would extend to all Yahoo products.

By adding Yahoo to the likes of Google, the movement for the use of encryption for everyday users could gain more traction. For many, end-to-end encryption through Pretty Good Privacy (PGP) can be considered too complex to use. However, the complications come from ease of use, as well as proper education. In a time where some companies are struggling to implement any form of mail encryption in transit, the move is a welcome one by Yahoo.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Kenu Airframe Plus

Simple, stylish and effective, the Kenu Airframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this y ...

Plantronics Rig Surround 7.1 headset

Trying to capture the true soundscape of video games can be a daunting task. Looking to surround-sound home theater options, users hav ...

Adesso Compagno X Bluetooth keyboard

The shift from typing on physical keyboards to digital versions on smartphones and tablets hasn't been an easy for many consumers. Fro ...

Sponsor

toggle

Most Commented

 
toggle

Popular News