Everything we do online, whether chatting on phone, talking via video or audio, sending messages on phones or emails are being watched by Governments and Intelligence agencies. However, many Internet giants offer encrypted environment in an effort to protect our online data from prying eyes, but still those companies can read our data stored into their servers.
But, there is a great news for Gmail users. On Tuesday, Google has announced two major privacy enhancements in its Gmail and this new push for its email service will even protect our data and communication from Google itself.
With the ongoing concerns about privacy and the pervasiveness of email communications, Google already provides encryption for its Gmail called Transit encryption (HTTPS). In which only the transmission of emails sending or receiving is protected by the transit encryption but not the content of the email.
Few Months back, Google itself admitted that their automated systems read our email content, including incoming and outgoing emails to provide us targeted advertisements. That means Internet giants generally do encrypt our data, but they have the key so they can decrypt it any time they want.
Google also today released its first email encryption transparency report, and in new section called Safer Email, Google describes a world of webmail where only about 40 to 50 percent of all emails sent are unencrypted from server to server (eg. Gmail to Yahoo), because Transit encryption does work only and only if both the sending and receiving service agree to use it. But if your email client may have not agreed to use it, your contents of the email are vulnerable to being read.
In our previous article, we reported about the company's plan to ensure its users Privacy by implementing more complex encryption tools, the secure email encryption standard known as Pretty Good Privacy (PGP) and finally, it has launched a new Chrome extension called End-to-End for sending and receiving emails securely.
PGP is an open source end-to-end encryption standard for almost 20 years, used to encrypt e-mail over the Internet providing cryptographic privacy and authentication for data communication, which makes it very difficult to break. So, bringing PGP to the Gmail service will result in a much stronger end-to-end encryption for emails.
PGP tool is too complicated for most of the people to use, but this new 'End-to-End' Google Chrome extension will make it easier for individuals to implement the tough encryption standard.
"While end-to-end encryption tools like PGP and GnuPG have been around for a long time, they require a great deal of technical know-how and manual effort to use. To help make this kind of encryption a bit easier, we're releasing code for a new Chrome extension that uses OpenPGP, an open standard supported by many existing encryption tools," reads the blog post.
You won't find End-to-End n the Chrome Web Store for a while, but soon Google is most likely to release its new Chrome extension, as the company says it is "just sharing the code today so that the community can test and evaluate it, helping us make sure that it's as secure as it needs to be before people start relying on it."
For now, Google is just asking users to test the End-to-End extension code and offering financial rewards of tens of thousands of dollars to find any security bugs under its Vulnerability Reward Program. The developers must compile themselves before testing.
Google said that once End-to-End is found out to be secure enough for its users, the company will make the extension available through the Chrome Web Store as a free add-on.