Google Steps Up Email Privacy with End-To-End Encryption
Google has been making strides to provide Gmail users with end-to-end encryption to stop attackers as well as spying agencies from easily intercepting and downloading them as they are being sent across the web. This is a nice way of setting the NSA back from snooping across millions of accounts. Google will be releasing a chrome plugin that will use PGP (Pretty Good Privacy) encryption. The browser add-on will be called End-to-End.
Google has released open source code for the Alpha version of the End-To-End extension add-on, that somewhat resembles what Google plans to release as a final product. The PGP encryption ultimately adds a safety lock on your email data that can only be unlocked with the private key, once it arrives on your computer. Without encryption, your data can be intercepted at any point as it travels to its’ destination.
Because PGP requires a private key to open your emails, it is important to note that the user will remain responsible for never losing the key code or risk being unable to ever retrieve it. Google has stated that it will not keep private keys saved anywhere for extra security, and some users looking for simplicity will have one more thing to keep in their records. We expect Google to figure it out and have a proper plan to implement the encryption effectively and in a user friendly manner.
This is a great add-on being developed by Google, however, it is only one extra layer of protection for transmission and email remains an unsecured medium for the most part. We will soon cover the most secure email services available this year and provide an in-depth look at each one to give you an idea of how much more security is actually needed to be brought across all email providers.
One of the main issues that remains, is that you can have the most secure setup, but if you send an email to an unsecured server, there is nothing left in your control to stop others from stealing it. Google has expressed the need and want for all other email service providers to start implementing TLS (Transportation Layer Security) encryption in order to further secure messages being sent from server to server. Gmail already implements TLS but Google reports that about 35% of emails still arrive at servers that lack any secure measures, while half of all messages being sent to Gmail accounts are completely unsecured.
It seems to be on the up, but it’s too soon to tell if encryption will catch on, it is dearly needed and with big players such as Google developing their own browser encryption add-ons, it will help shed awareness of the need as well as other providers who remain largely unknown and offer superior email services.
If you need an added layer of security, check out our best VPN picks.