Google adding End-to-End encryption



Yesterday Google announced that they will be adding more encryption to Gmail. The company plans to release an extension to Chrome called End-to-End for users who feel they need an additional layer of protection to guard their communications from prying eyes.

In a post in their Online Security Blog Stephan Somogyi, Product Manager, Security and Privacy announced that they will be releasing an alpha version of the End-to-End code that uses OpenPGP encryption.

Related: Shhhh! Google is listening

“End-to-end” encryption means data leaving your browser will be encrypted until the message’s intended recipient decrypts it, and that similarly encrypted messages sent to you will remain that way until you decrypt them in your browser.

While end-to-end encryption tools like PGP and GnuPG have been around for a long time, they require a great deal of technical know-how and manual effort to use. To help make this kind of encryption a bit easier, we’re releasing code for a new Chrome extension that uses OpenPGP, an open standard supported by many existing encryption tools.

The alpha code isn’t quite ready for prime time but Google is releasing it now “so that the community can test and evaluate it, helping us make sure that it’s as secure as it needs to be before people start relying on it.”

Google is also offering a financial reward for anyone who discovers security holes in the code.

The End-to-End encryption is intended to augment Google’s existing security and is not necessarily intended for everybody or for everyday use. As Somogyi says, “We recognize that this sort of encryption will probably only be used for very sensitive messages or by those who need added protection. But we hope that the End-to-End extension will make it quicker and easier for people to get that extra layer of security should they need it.”

Related: The Race to Home Automation: Setting the Bar for Apple (and Everyone Else)

As I’ve mentioned in other articles I think it’s a good thing that more and more companies are beginning to provide stronger and more varied encryption however encrypting emails is only a small hole in a boat that is rapidly taking on water. As we connect more and more people, companies, apps, devices and so on to each other we have added more and more weaknesses to our overall security. A hacker need only find one chink in the armor and use that to get deeper and deeper into our systems.

One stolen (or guessed) password allowed hackers to get into a catering company’s system last fall and that company happened to be a supplier for Target stores. Since the catering company had limited access to the Target corporate computers for submitting invoices and other perfectly legitimate purposes the hackers were able to use that access to get into the Target system. Once inside they were able to plant their malicious code and steal tens of thousands of customer’s credit card information. I don’t think encrypting Target’s emails could have don’t anything to prevent that.

But Google’s End-to-End is still a good start.



Guy Wright

Guy Wright has been covering the technology space since the days when computers had cranks and networks were steam powered. He has been a writer and editor for many of the most influential publications over the years – publications that helped shape our current technological zeitgeist. He has lost count of the number of articles, blogs, reviews, rants, and books that he has published over the years, but he hasn’t stopped learning and writing about new things.


More

Debate: “Will the IBM/Apple partnership lead to a merger between the two companies?”

TGDaily and 1World have brought together Rob and Mary Enderle, two true Tech Gurus, to debate the possibility of a merger between the two tech giants. Watch the debate unfold below and make sure you vote for the debater you agree with most regarding the possibility of a merger.

11 days until Apple’s event: TGDaily unveils exclusive new tech specifications!

Still no clues from Apple but that’s not stopping us from reporting about the upcoming media event.

How fast can you clone an app?

Earlier this week Microsoft announced they were removing 1,500 junk apps from the Windows Store because they were misleading, fraudulent or simple knock-offs of other apps.