Yahoo Joins Google’s Initiative to Encrypt Email
Facing public backlash and the risk of losing their customer-base, some of the biggest players in the tech world have decided to take countermeasures to restore both user and investor confidence. Google’s initiative to encrypt their widely popular Gmail is one such effort – one that has caused bitter rival Yahoo to take similar measures. Both companies compete in a variety of different technology segments with email being the most critical of them. Yahoo’s initiative to join Google’s email encryption efforts is a sign that the companies are fully devoted to ensuring user privacy and prevent further leakage of information.
Yahoo Steps In
A representative from Yahoo confirmed that the company will collaborate with search giant Google to develop an encryption system that would be mathematically impossible to breach. If the alliance proves to be successful it would not only mark the beginning of the next era of encryption based security but also help thwart the notion that tech companies are mere pawns in the hands of NSA, a perception that had become widespread after Snowden’s claims. Though Yahoo’s decision to join hands with Google to build better email security is commendable, it is however worth nothing that the company for the longest time did not have a top level security advisor.
Google formally announced its plan to work on a secure email product this past June. The addition of Yahoo is also significant in the sense that both companies combined form the largest chunk of web-based email users in the world. Statistics reveal that Gmail currently boasts of 366 million unique email visitors as compared to Yahoo’s 273 million.
How Will the New Encryption System Work?
Details released by both Google and Yahoo about the new system hint towards optional features that users will be able to turn on and off according to preference. The security mechanism will rely on PGP encryption – a form of encryption that remains uncracked. As compared to conventional email security where tech companies hold usernames and passwords for accounts, PGP relies on each email user to have an encryption key installed on their devices.
Acknowledging the challenges faced in bringing such a tool to life, Alex Stamos, Yahoo’s chief information security officer, stated that “We have to make it to clear to the people that it is not secret you’re emailing your priest.” Stamos further added at an interview at the Black Hat security conference: “But the content of what you’re emailing him is secret.”
Legal troubles are another aspect both Google and Yahoo will have to consider if they incorporate such an impenetrable technology. After Snowden’s claims went public last summer, a court ordered Lavabit, Snowden’s email service, to provide encryption keys. If Google and Yahoo successfully implement PGP encryption they’ll be able to present the argument in a court of law that they do not possess encryption keys since they’ll be stored on their user’s computers and smartphones.