Security Blog
The latest news and insights from Google on security and safety on the Internet
E2EMail research project has left the nest
2017 m. vasario 24 d.
Posted by KB Sriram, Eduardo Vela Nava, and Stephan Somogyi, Security and Privacy Engineering
Whether they’re concerned about insider risks, compelled data disclosure demands, or other perceived dangers, some people prudently use end-to-end email encryption to limit the scope of systems they have to trust. The best-known method, PGP, has long been available in command-line form, as a plug-in for IMAP-based email clients, and it clumsily interoperates with Gmail by cut-and-paste. All these scenarios have demonstrated over 25 years that it’s too hard to use. Chromebook users also have never had a good solution; choosing between strong crypto and a strong endpoint device is unsatisfactory.
These are some of the reasons we’ve continued working on the
End-To-End research effort
. One of the things we’ve done over the past year is add the resulting
E2EMail
code to GitHub: E2EMail is not a Google product, it’s now a fully community-driven open source project, to which passionate security engineers from across the industry have already contributed.
E2EMail offers one approach to integrating OpenPGP into Gmail via a Chrome Extension, with improved usability, and while carefully keeping all cleartext of the message body exclusively on the client. E2EMail is built on a proven, open source
Javascript crypto
library developed at Google.
E2EMail in its current incarnation uses a bare-bones central keyserver for testing, but the recent
Key Transparency announcement
is crucial to its further evolution. Key discovery and distribution lie at the heart of the usability challenges that OpenPGP implementations have faced. Key Transparency delivers a solid, scalable, and thus practical solution, replacing the problematic
web-of-trust
model traditionally used with PGP.
We look forward to working alongside the community to integrate E2EMail with the Key Transparency server, and beyond. If you’re interested in delving deeper, check out the
e2email-org/e2email
repository on GitHub.
Komentarų nėra :
Rašyti komentarą
Etiketės
#sharethemicincyber
#supplychain #security #opensource
AI Security
android
android security
android tr
app security
big data
biometrics
blackhat
C++
chrome
chrome enterprise
chrome security
connected devices
CTF
diversity
encryption
federated learning
fuzzing
Gboard
google play
google play protect
hacking
interoperability
iot security
kubernetes
linux kernel
memory safety
Open Source
pha family highlights
pixel
privacy
private compute core
Rowhammer
rust
Security
security rewards program
sigstore
spyware
supply chain
targeted spyware
tensor
Titan M2
VDP
vulnerabilities
workshop
Archive
2026
bal.
kov.
vas.
saus.
2025
gruod.
lapkr.
spal.
rugs.
rugp.
liep.
birž.
geg.
bal.
kov.
vas.
saus.
2024
gruod.
lapkr.
spal.
rugs.
rugp.
liep.
birž.
geg.
bal.
kov.
vas.
saus.
2023
gruod.
lapkr.
spal.
rugs.
rugp.
liep.
birž.
geg.
bal.
kov.
vas.
saus.
2022
gruod.
lapkr.
spal.
rugs.
rugp.
liep.
birž.
geg.
bal.
kov.
vas.
saus.
2021
gruod.
lapkr.
spal.
rugs.
rugp.
liep.
birž.
geg.
bal.
kov.
vas.
saus.
2020
gruod.
lapkr.
spal.
rugs.
rugp.
liep.
birž.
geg.
bal.
kov.
vas.
saus.
2019
gruod.
lapkr.
spal.
rugs.
rugp.
liep.
birž.
geg.
bal.
kov.
vas.
saus.
2018
gruod.
lapkr.
spal.
rugs.
rugp.
liep.
birž.
geg.
bal.
kov.
vas.
saus.
2017
gruod.
lapkr.
spal.
rugs.
liep.
birž.
geg.
bal.
kov.
vas.
saus.
2016
gruod.
lapkr.
spal.
rugs.
rugp.
liep.
birž.
geg.
bal.
kov.
vas.
saus.
2015
gruod.
lapkr.
spal.
rugs.
rugp.
liep.
birž.
geg.
bal.
kov.
vas.
saus.
2014
gruod.
lapkr.
spal.
rugs.
rugp.
liep.
birž.
bal.
kov.
vas.
saus.
2013
gruod.
lapkr.
spal.
rugp.
birž.
geg.
bal.
kov.
vas.
saus.
2012
gruod.
rugs.
rugp.
birž.
geg.
bal.
kov.
vas.
saus.
2011
gruod.
lapkr.
spal.
rugs.
rugp.
liep.
birž.
geg.
bal.
kov.
vas.
2010
lapkr.
spal.
rugs.
rugp.
liep.
geg.
bal.
kov.
2009
lapkr.
spal.
rugp.
liep.
birž.
kov.
2008
gruod.
lapkr.
spal.
rugp.
liep.
geg.
vas.
2007
lapkr.
spal.
rugs.
liep.
birž.
geg.
Feed
Follow @google
Follow
Give us feedback in our
Product Forums
.
Follow
Komentarų nėra :
Rašyti komentarą