Yahoo sees 'end to end' email encryption by year-end

Yahoo said Sunday it plans to introduce "end to end encryption" for email this year to boost privacy protection for us
Yahoo said Sunday it plans to introduce "end to end encryption" for email this year to boost privacy protection for users concerned about snooping from governments or hackers

Yahoo said Sunday it plans to introduce "end to end encryption" for email this year to boost privacy protection for users concerned about snooping from governments or hackers.

The Internet giant demonstrated new security and safety features for its at the South by Southwest festival in Austin, Texas, ramping up efforts to boost privacy since the 2013 revelations about .

The new security feature aims to allow non-technical people to use with the click of a button after an initial setup of a few minutes.

A test or beta version of the is being released for developers, and it is expected to be rolled out to in the coming months.

"Our goal is to have this available by the end of the year," Alex Stamos, Yahoo's chief information security officer, told AFP.

"Anybody who has the ability to write an email should have no problem using our email encryption."

Privacy advocates say encryption is a valuable tool in thwarting unwanted snooping, but many users find the process daunting, with a need to create complex codes or "keys" for both the sender and receiver.

Yahoo has been collaborating with Google and its Gmail service on the encryption, and the standards will be compatible, Stamos said, so Yahoo and Gmail users will be able to send each other encrypted messages with a single click.

Yahoo said another feature soon to be introduced would allow users to bypass the standard password, by getting a one-time code s
Yahoo said another feature soon to be introduced would allow users to bypass the standard password, by getting a one-time code sent to a verified phone each time they log in

"I think anybody who uses email in the center of our life needs encryption," Stamos said.

"If you send emails to your spouse or your lawyer or family members, you want to have these messages be confidential."

Yahoo and Google and other online giants took steps to encrypt Internet traffic in the wake of revelations of vast online surveillance programs led by the US National Security Agency, and have argued they never allowed unfettered access to their servers.

The email encryption takes this further by encrypting the content on both ends of the message.

Dumping the password

Yahoo said another feature soon to be introduced would allow users to bypass the standard password, by getting a one-time code sent to a verified phone each time they log in.

The move would help avoid so-called "phishing" attacks and other maneuvers that steal a user's password, leading to potential identity theft.

The two new measures are expected to improve security and privacy while still being easy to use, Stamos said.

"It's important for our products to be safe as used by normal people," said Stamos.

"Our users face a very diverse set of threats. The biggest threat is probably someone stealing their password, and their account taken over."

He added that encryption and password circumvention may also be important for users living in countries with repressive regimes.

"There are a lot of Yahoo users who live in countries where their freedom of expression and freedom of association is not respected, and where the government is trying to put malware on their computers to track them," he said.


Explore further

Volume of encrypted email rising amid spying fears (Update 2)

© 2015 AFP

Citation: Yahoo sees 'end to end' email encryption by year-end (2015, March 15) retrieved 15 September 2019 from https://phys.org/news/2015-03-yahoo-email-encryption-year-end.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
417 shares

Feedback to editors

User comments

Mar 15, 2015
Encryption has been available for many years. The problem has always been sending/receiving mail with others who also use that particular encryption system.

Until encryption becomes almost automatic, I wonder if it will be adopted. But if it becomes too easy, will it be useful?

Mar 15, 2015
"There are a lot of Yahoo users who live in countries where their freedom of expression and freedom of association is not respected, and where the government is trying to put malware on their computers to track them,"
uh.. yeah, USA, Canada, UK....

Mar 15, 2015
Any truly effective system of this type will be:
1. Abused by crooked users and by perverts;
2. Made illegal by governments or by the United Nations=majority of crooked nations

And the other more probable event will be:
1. Its discovery will be anticipated and detected by 'a' crooked government
2. A 'private entity' will participate in '1' above
3. A 'backdoor' system will go in first; the gullible public will be told nothing
4. Anyone relying on the 'perfect system' will one day rot in prison.

Mar 15, 2015
Congratulations to Doug Huffman for telling us all about protonmail. Being Swiss puts a bit of a different color on matters. It being Europe, strange things can happen over time and no one is more cognizant of this than the Swiss. They found ways to live free next to the bad mad paperhanger with the taxman mustache and not get invaded like the poor Dutch. But then the Swiss were ALL armed to the teeth with military weapons, had universal military service so everyone was a soldier, and Switzerland was ALL steep mountains and hidden valleys and caves not on the way to anywhere; and the nutzies did not want to waste a million dead SS trying it. Holland on the other hand was a helpless waif of a 'gun control' state just begging to be invaded and robbed blind which is just what happened. Holland will probably become the next member of the Islamic Kalifate for that same reason. Only Dutchman with a clue is Geert Wilders and who listens to him...all blinded by big money muslims.

Mar 16, 2015
end-to-end with only the NSA in the middle

Mar 16, 2015
"There are a lot of Yahoo users who live in countries where their freedom of expression and freedom of association is not respected, and where the government is trying to put malware on their computers to track them,"
uh.. yeah, USA, Canada, UK....

China, Russia, Cuba, Venezuela...

At least state the obvious: every government.

Mar 16, 2015
end-to-end with only the NSA in the middle

If they were in the middle it wouldn't be a problem. The problem is that they sit at the extreme ends (i.e. they have compromised the hardware and the algorithms used for the random number generation). In such a scenario end-to-end encryption is as safe as sending plain text.

Mar 16, 2015
Besides all the mentioned concerns, the end-to-end encryption will be unusable because it seriously limits server-based spam filtering and virus checking. For many users it would mean intolerable increase of non-solicited email.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more