Google Built End-to-End Encryption to Block Cyber-Crime, Not the NSA

 
 
By Wayne Rash  |  Posted 2014-06-05 Email Print this article Print
 
 
 
 
 
 
 
email encryption

NEWS ANALYSIS: Yes, you can encrypt your email using a new Chrome extension that's fairly easy to use. But do you really think that's going to keep the NSA from reading your email if it wants to?

The blog entry by Google's Stephan Somogyi announcing Google's new End-to-End encryption tool gives some reason for hope that useful encryption may be within reach of nontechnical emailers.

But assertions that End-to-End will somehow protect you from the National Security Agency snooping are overblown. In fairness, Somogyi doesn't actually claim that his tool will exclude the NSA. That's been done by others.

Let's face it, if your goal is to prevent the NSA from reading your email, using Google's Gmail isn't going to work for you. There are several reasons, not the least of which is that the agency can simply get a court order for your email if it has reason to believe that you are doing something that it wants to find out about. Another is that in many cases, the NSA isn't necessarily interested in the contents of your endless yammering, but rather who you yammer with.

In other words, in many cases the NSA is a lot more interested in your email metadata than in the email itself. If, upon examining your metadata the agency finds that you've been corresponding with its wide definition of Bad Guys, then it will go looking for the contents of your email with the aforementioned warrant. Encrypting the email in transit, which is what End-to-End encryption promises to do, simply won't matter.

So how does End-to-End become more effective than, say, translating your email into Pig Latin? Somogyi's blog post will give you a hint. He's really focusing on cyber-crime, not the NSA. Encrypting your email, and for that matter everything else, is an effective means of keeping criminals from reading your sensitive information.

While there may be cyber-criminals who have the means to decrypt some messages, the chances of their being able to accomplish something as complex as decrypting a PGP-encrypted message quickly enough to be usable is highly unlikely.

Likewise, considering the level of effort and the massive computing power that may be necessary to perform such a decryption project, it's unlikely that anything you have to say is worth it to them.

What End-to-End will do is keep your data, including email, encrypted from the time it leaves your computer until the intended recipient gets it on the other end using OpenPGP. This is in addition to the encryption that Chrome (and most other browsers) uses when connecting to Gmail and some other services. The reason End-to-End is important is that it's designed to be easy for a layman to use.



 
 
 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date
Rocket Fuel