Yahoo sees 'end to end' email encryption by year-end

Yahoo said Sunday it plans to introduce "end to end encryption" for email this year to boost privacy protection for us
Yahoo said Sunday it plans to introduce "end to end encryption" for email this year to boost privacy protection for users concerned about snooping from governments or hackers

Yahoo said Sunday it plans to introduce "end to end encryption" for email this year to boost privacy protection for users concerned about snooping from governments or hackers.

The Internet giant demonstrated new security and safety features for its at the South by Southwest festival in Austin, Texas, ramping up efforts to boost privacy since the 2013 revelations about .

The new security feature aims to allow non-technical people to use with the click of a button after an initial setup of a few minutes.

A test or beta version of the is being released for developers, and it is expected to be rolled out to in the coming months.

"Our goal is to have this available by the end of the year," Alex Stamos, Yahoo's chief information security officer, told AFP.

"Anybody who has the ability to write an email should have no problem using our email encryption."

Privacy advocates say encryption is a valuable tool in thwarting unwanted snooping, but many users find the process daunting, with a need to create complex codes or "keys" for both the sender and receiver.

Yahoo has been collaborating with Google and its Gmail service on the encryption, and the standards will be compatible, Stamos said, so Yahoo and Gmail users will be able to send each other encrypted messages with a single click.

Yahoo said another feature soon to be introduced would allow users to bypass the standard password, by getting a one-time code s
Yahoo said another feature soon to be introduced would allow users to bypass the standard password, by getting a one-time code sent to a verified phone each time they log in

"I think anybody who uses email in the center of our life needs encryption," Stamos said.

"If you send emails to your spouse or your lawyer or family members, you want to have these messages be confidential."

Yahoo and Google and other online giants took steps to encrypt Internet traffic in the wake of revelations of vast online surveillance programs led by the US National Security Agency, and have argued they never allowed unfettered access to their servers.

The email encryption takes this further by encrypting the content on both ends of the message.

Dumping the password

Yahoo said another feature soon to be introduced would allow users to bypass the standard password, by getting a one-time code sent to a verified phone each time they log in.

The move would help avoid so-called "phishing" attacks and other maneuvers that steal a user's password, leading to potential identity theft.

The two new measures are expected to improve security and privacy while still being easy to use, Stamos said.

"It's important for our products to be safe as used by normal people," said Stamos.

"Our users face a very diverse set of threats. The biggest threat is probably someone stealing their password, and their account taken over."

He added that encryption and password circumvention may also be important for users living in countries with repressive regimes.

"There are a lot of Yahoo users who live in countries where their freedom of expression and freedom of association is not respected, and where the government is trying to put malware on their computers to track them," he said.

© 2015 AFP

Citation: Yahoo sees 'end to end' email encryption by year-end (2015, March 15) retrieved 21 November 2024 from https://phys.org/news/2015-03-yahoo-email-encryption-year-end.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.

Explore further

Volume of encrypted email rising amid spying fears (Update 2)

417 shares

Feedback to editors