June 4, 2014
Google, it seems, is determined to makes its e-mail service as secure as possible from the prying eyes of the National Security Agency and other such authorities.
Google has released the source code for a new Web browser plugin that encrypts all Gmail messages before they are sent to their online destination.
Dubbed End-To-End, the source code is a Chrome extension that enables users to encrypt, decrypt, digital sign and verify signed messages within the browser using OpenPGP.
Google has released the code for review by security experts to “make sure that it’s as secure as it needs to be before people start relying on it.” This means, of course, it is not yet ready for public use but, once it is, anyone who wishes to do so will be able to use it to send and receive end-to-end encrypted e-mails through any Web-based e-mail provider.
“End-to-end encryption means data leaving your browser will be encrypted until the message’s intended recipient decrypts it, and that similarly encrypted messages sent to you will remain that way until you decrypt them in your browser,” Google said in a blog post.
“We recognize that this sort of encryption will probably only be used for very sensitive messages or by those who need added protection. But we hope that the End-to-End extension will make it quicker and easier for people to get that extra layer of security should they need it.”
Once Google decides the new tool is strong and reliable, it will be made available in the Chrome Web Store.
Google has made security a priority since last summer, when whistleblower Edward Snowden went public with National Security Agency documents revealing widespread surveillance programs that included the collection of user data from companies like Google, Yahoo and Microsoft.
The technology firm first increased the security of its e-mail service back in March, making encrypted connections mandatory in all Gmail communications and use.
That change keeps prying eyes from reading messages as they navigate Gmail’s servers, whether a person is using public Wi-Fi or logging in from their own computer, phone or tablet.
Google in a recent transparency report criticized a handful of other e-mail providers for not encrypting messages while they’re in transit. The firm said between 40 percent and 50 percent of all e-mails sent last month between Gmail and other providers were not encrypted while in transit.
Comcast and Microsoft in particular were the targets of Google’s derision.
Fewer than one percent of messages sent in May from Gmail to and from Comcast.net accounts were encrypted during transit while slightly more than 50 percent of Microsoft’s Outlook.com e-mails to and from Google were.
With Yahoo, however, 99 percent of messages from Yahoo Mail to Gmail were encrypted, while 100 percent of return messages were.
What we don’t know is the number of encrypted messages from Outlook to Outlook or Yahoo to Yahoo.
Jennifer Cowan is the Managing Editor for SiteProNews.