Yahoo to provide PGP encryption for mail

Powered by SC Magazine
 

Promises ease of use.

One of the world's largest web providers, Yahoo, will provide its email customers with digital signing and encryption of messages through an extension of the Pretty Good Privacy (PGP) program.

Yahoo chief information security officer Alex Stamos made the announcement at the annual Black Hat security conference in Las Vegas.

Stamos told iTnews that the project was still some way off.

"We are working to design a key server architecture that allows for automatic discovery of public keys within Yahoo.com and other participating mail providers and to integrate encryption into the normal mail flow," Stamos said.

While effective as a personal encryption solution, PGP is notoriously difficult to use with public/private key pairs. Stamos believes Yahoo can nevertheless make it work for non-technical users.

"It won’t be easy, but I think we can design a user experience that makes encrypting messages a one-click option for many people," he said.

Yahoo will use a fork of Google’s End to End OpenPGP plugin that is currently in development.

“We are using the same crypto core with a different front-end, and will look at unifying with Google’s plugin once the dust settles,” Stamos said.

Stamos was reluctant to announce a firm date for the PGP functionality for Yahoo Mail, but said the company will release the first source code for its version of the extension in the northern hemisphere this autumn.

The goal is to have the full product ready in 2015, Stamos said.

He declined to detail how government intelligence agencies and law enforcement would react to Yahoo Mail customers being able to individually encrypt messages, something that would make interception of their content potentially impossible.

Yahoo follows the likes of Google, Facebook and Microsoft, who also recently announced they would encrypt internal traffic in response to the Snowden spying revelations.

Copyright © iTnews.com.au . All rights reserved.


Yahoo to provide PGP encryption for mail
Alex Stamos, Yahoo CISO.
 
 
 
Top Stories
First look: Microsoft Outlook for iOS
[Update] Office productivity suite for iOS completed with Outlook.
 
NewSat defaults on $26m in overdue Lockheed payments
Jabiru-1 satellite build hits further hurdles.
 
IBM denies plans to cut 112k jobs
But admits to further restructuring.
 
 
Alex Stamos, Yahoo CISO.
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  36%
 
Your insurance company
  5%
 
A technology company (Google, Facebook et al)
  9%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  4%
 
A Federal Government agency (ATO, Centrelink etc)
  18%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  7%
TOTAL VOTES: 3077

Vote
Do you support the abolition of the Office of the Information Commissioner?

   |   View results
I support shutting down the OAIC.
  27%
 
I DON'T support shutting the OAIC.
  73%
TOTAL VOTES: 979

Vote