SoylentNews is people
SoylentNews
Ars is reporting that Yahoo will offer a browser plugin to offer end-to-end PGP encryption. Speculation is that it will be a JavaScript plugin, similar to what Google offered.
The problem with any of these plugins is that the browser (or at least the plug in) will have access to your private key. Nobody is quite sure that anything developed for a browser can be trusted not to leak your private key, or if Yahoo or Google could be compelled to harvest keys just as other companies like Lavabit were forced to turn over their own ssl keys.
The Google plugin was released in Beta in June.
Both would seem to get over the learning curve and offer opportunistic encryption when ever both parties are using the same service. Whether or not the plugins will try to fetch public keys from key servers is yet to be determined.
So will you trust either of these plugins?
Would you switch to reading mail in a browser for this feature?
(Score: 0) by Anonymous Coward on Saturday August 09 2014, @02:57AM
This. Why is it that every time I see an article on mail encryption, no one seems to know that S/MIME is built into every major mail program out there, and key-generating routines into every major browser? It's built into Outlook, Apple's Mail both OSX and iOS, Thunderbird, Kmail (albeit with a bit of pain), and pretty much anything except webmail; it's a standard, it's interoperable, and it's already in place.
It's ludicrously easy on a Mac to get a free S/MIME cert and install it in Keychain, at which point Mail will pick it up automatically and use it for the corresponding e-mail account. In fact, at this point I'd be only mildly impressed if Apple went the extra mile and made generating an S/MIME key part of the initialization process for new computers or iCloud accounts. They'd just have to set themselves up as a signer and re-use a lot of code that's already in place. Defaulting all the Mac users to using secure mail wouldn't take much effort, although it would probably piss off some providers that like to snoop.
On the other hand, trying to set up S/MIME with pine is one of the most painful experiences imaginable. The *nix systems have some room for improvement in user experience here.