Google shifts on email encryption tool, leaving its fate unclear

Google shifts on email encryption tool, leaving its fate unclear

Google is asking developers to take over its effort to make end-to-end email encryption more user-friendly, raising questions over whether it’ll ever

Google Patches Critical Encryption Bug Impacting Pixel, Nexus Phones
Microsoft repairs buggy Win7 security patch with buggy hotfix KB 4039884
30 Spies Dead After Iran Cracked CIA Comms Network With, Er, Google Search

Google is asking developers to take over its effort to make end-to-end email encryption more user-friendly, raising questions over whether it’ll ever become an official feature in the company’s browser.

On Friday, the search giant said its email encryption tool, originally announced in 2014, was no longer a Google product. Instead, it’s become a “full community-driven open source project,” the company said in a blog post.

The tool is designed to work as an extension to Google’s Chrome browser that uses the OpenPGP standard to encrypt emails, ensuring that only the recipient can read them—and not the email provider or a government.  

The main goal of Google’s project was to make OpenPGP easier to use. It was announced amid growing scrutiny over U.S. surveillance efforts following disclosures from noted leaker Edward Snowden.

However, the search giant hasn’t made the extension officially available on its Chrome Web Store. Instead, the project’s source code has only been made available on GitHub, a software collaboration site, making the extension harder to install, especially for non-technical users. 

The GitHub page also hasn’t been frequently updated, so it’s unclear how serious the search giant has been about the effort, or if others will take up the project.

Google didn’t immediately respond to a request for comment. But the GitHub page is offering the source code to what’s called E2EMail, a Chrome extension that works with Gmail. “At this stage, we recommend you use it only for testing and UI feedback,” the page says.

basicE2EMail

A screenshot of the E2EMail extension. 

Back in Dec. 2014, Google also said that its end-to-end encryption tool still wasn’t as “usable as it needs to be,” pointing to the problem of managing the public keys used in PGP encryption. Often, the keys necessary to exchange secure messages are held on a public server or sent via email, but the authenticity of the user providing them is never verified.

COMMENTS