Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Wednesday June 04 2014, @04:54PM   Printer-friendly
from the but-we-know-who-your-friends-are dept.

Today Google announced the alpha release of a Chrome plugin that works with their Gmail service to enable end-to-end encryption for email sent through their system. This will reduce Google's ability to data-mine the content of messages, but it won't stop anyone from tracking senders and recipients. Their plugin is based on OpenPGP and they are publishing the source code.

With a focus on ease-of-use lets hope that this plugin is enough to start a broader movement towards end-to-end encryption for all email, regardless of provider.

Editor's Note: This is an early release of the code and should not be relied upon just yet. Google invites the community to test and evaluate the extension; it is even eligible for their Vulnerability Reward Program.

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Insightful) by frojack on Wednesday June 04 2014, @05:19PM

    by frojack (1554) on Wednesday June 04 2014, @05:19PM (#51237) Journal

    There is no reason the subject couldn't be encrypted.

    But sender/receiver pretty much has to remain unencrypted because you can never know how many mail handlers the mail has to go through.

    I don't see this as a huge problem, because even the post office and face to face whispered conversations in a dark alley on a rainy night leave meta data breadcrumbs.

    I don't believe there is any real solution to this issue other than mass message dumps where all mail gets deposited and your mail client fetches all of them and only shows you the ones it can decrypt.

    --
    No, you are mistaken. I've always had this sig.
    Starting Score:    1  point
    Moderation   +2  
       Insightful=1, Interesting=1, Total=2
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 3, Funny) by buswolley on Wednesday June 04 2014, @05:24PM

    by buswolley (848) on Wednesday June 04 2014, @05:24PM (#51243)

    Download the entire internet

    --
    subicular junctures
    • (Score: 2) by frojack on Wednesday June 04 2014, @05:51PM

      by frojack (1554) on Wednesday June 04 2014, @05:51PM (#51255) Journal

      Not necessary.

      Your message is assigned to a random collection of messages and put in a common mailbox that contains your mail as well as a random sample of other encrypted mail. The MTA would know which public keys have their messages stored in which random mailbox. This isn't going to work with IMAP very well.

      You really can't eliminate ALL metadata from every part of delivery system. The system has to know, at some point, who a message is TO. As long as you are willing to forego bounces, the FROM could be encrypted.

      --
      No, you are mistaken. I've always had this sig.
  • (Score: 5, Interesting) by emg on Wednesday June 04 2014, @06:33PM

    by emg (3464) on Wednesday June 04 2014, @06:33PM (#51282)

    Wasn't there a Usenet group which used to be used for precisely that; people would post PGP-encrypted messages into the group and the recipient would extract them?