Yahoo! spaffs! out! plugin! to! bring! crypto! to! everyone's! email!
Purple Palace pitches painless PGP protection at prosaic punters
Yahoo! has shown off an OpenPGP-based end-to-end e-mail encryption it says will be offered as a plug-in by the end of the year.
Its aim is to make PGP-based encryption more accessible to the everyday layperson.
Described in this blog post by Purple Palace chief information security officer Alex Stamos, the mail encryption code was demonstrated at the South by Southwest (SXSW) conference over the weekend.
Stamos says Yahoo! is currently “rolling out the source code for feedback from the wider security industry”, with the current release posted on GitHub here.
The code is covered by Yahoo!'s bug bounty, and Stamos says the company also hopes that other mail providers will get on board. Google is already playing along in Chrome.
The Wall Street Journal reports that Stamos reminded those in the SXSW audience that content encryption won't protect users against having their
metadata headers snooped, since you can't route a message if the address isn't in the clear. ®