Google Moves End-To-End Email Encryption Project To GitHub
from the good-to-see dept
Back in June we wrote about Google’s “End-to-End” project to enable full (real) end-to-end encryption in email via a Chrome extension. For years now, we’ve been among those arguing that Google should actually offer end-to-end encryption by default (which would make the company unable to read your emails). This isn’t going that far, but making it much easier for individuals to truly encrypt their own emails (without any backdoors for the email provider) is definitely a big step forward. So it’s good to see that the company has now moved the project to GitHub, and that Yahoo’s Chief Security Officer, Alex Stamos, has been contributing to the project as well. Having two of the biggest webmail providers working together on an open source system for better encrypting emails end-to-end is a huge win for privacy and security. The project is still in its early days, and Google warns that it’s not yet ready to release the extension in the Chrome Web Store, but it’s great that things are moving forward. Of course, for those of you who can’t wait, there already some extensions like Mailvelope that are pretty easy to use (though, some worry are not quite as secure as other options).
Filed Under: email, encryption, end to end, open source
Companies: google, yahoo
Comments on “Google Moves End-To-End Email Encryption Project To GitHub”
There goes Google again – trying to prevent law enforcement from tracking down terrorists, pirates, and pedophiles.
Can’t everyone agree that we need to stop all of this data encryption crap for the sake of the children?
Re: Re:
But, if we let them, then the FBI/CIA/NSA will be able to get millions of more dollars and say they are trying to save the kids while evil big companies like google just want them dead.
Let them put up their firewalls and encryption, think of the money.. kids.
True end-to-end encryption would prevent some value added feature from working…like the ability for Google to scan for viruses or offer any sort of spam filtering.
Re: Response to: Baruch Moskovits on Dec 17th, 2014 @ 7:06pm
deja vu
Re: Re: Response to: Baruch Moskovits on Dec 17th, 2014 @ 7:06pm
My bad. I hit submit three times. Techdirt doesn’t provide a way to delete your own comments.
Re: Re: Re: Response to: Baruch Moskovits on Dec 17th, 2014 @ 7:06pm
Baruch Moskovits on Dec 17th, 2014 @ 7:06pm
‘My bad. I hit submit three times. Techdirt doesn’t provide a way to delete your own comments.’
Three strikes, you are now under close surveillance, SWAT on their way, you tried to flood Techdirt’s servers, I bet you are North Korean?
Re: Are you gods?
Scan then ‘encrypt’.
Keymaster and Gatekeper… how could that end poorly?
Sounds great, as long as none of GitHub’s interns go political and delete the project…
Lions and Tigers and Bears! Oh My!
Who will protect us without a Golden Key?
github instead of google code?
Re: Re:
Indeed. Apparently, Google wanted this to be available to the wider OSS community, so they made it available in a place that makes it available to more people than google code does.
Re: Re: Re:
The whole point of google code is to make code available to the wider OSS community.
They can make the code available to the same people (that is, anyone interested) using google code or github or sourceforge or launchpad or bitbucket or…
I’d have expected google to eat their own dog food.
Re: Re: Re: Re:
“The whole point of google code is to make code available to the wider OSS community.”
Kinda. Google code is not the go-to place for OSS code (and probably never will be). I think they wanted to host this stuff because it’s more convenient for them & their own projects.
Re: github instead of google code?
Either way, people can clone the project easily enough.
Whereas I think it’s easier to get an account on GitHub, which means people can publish their own changes more easily, send patches and pull requests upstream, etc.
In other words, it becomes a true two-way community project on GitHub.
Re: Re: git on outta here
Much like AOSP
Extra! Extra! Google Code sucks so bad that Google puts their projects on Github. Oh the irony!
google cares about privacy, like dick chaney cares about not tourturing people. but people will probably love the new free google anal feedings.
Re:
They’d still be able to do some spam filtering based on the header (which can’t be encrypted if you want your mail delivered) but, other than that, they could do the full anti-spam filtering at the time of decryption.
Re: Re:
“they could do the full anti-spam filtering at the time of decryption”
Not if it’s truly end-to-end, since Google would never have access to the decrypted text.
leg in the middle, all the better to secretly trascribe GV
End to End [to other end]
Google in the middle makes everything more rape profitably better.
Github is not that safe.
Re: Github is not that safe.
But Git is. It uses SHA-1 hashes to identify every important object in its database. If anybody tried to sneak an unauthorized change into a copy of a repo on GitHub (or anywhere else), alarm bells would ring as soon as anybody tried to pull from that.
I hope it doesn’t contain any backdoors.