I haven't been this excited about technology ever since bitcoin and vr.
The blog post: http://yahoo.tumblr.com/post/113708033335/user-focused-security-end-to-end-encryption
See the engineering team's comment on hacker news about making the key server federated: https://news.ycombinator.com/item?id=9209500
Exciting times! Finally something might yet come out of the Snowden / Prism saga.
tfw gmail will never do this because it would cut into their profits if they can't scan your email and sell info to the highest bidder whenever they see fit.
NSA cannot access emails that are encrypted on the client side. Unless you are implying that 2048 bit PGP has been somehow defeated.
I remember reading somewhere that in order to beat PGP you need to run our current computing power for millions of years or something ridiculous like that.
I think you don't understand how this works. The encryption is done completely by an open source plugin which _will_ be audited. The session key, private key and public keys will be stored in localStorage, and a list of public keys will be stored in a federated manner.
There is no way that anyone other than the intended recipients can see what's being sent.
If you look at the hacker news comment from the engineering director at Yahoo - this is just the start.
There are plans to figure out client side search of email, multi-device support and federated key servers - meaning yahoo and google and outlook can all talk to each other as long as they decide on a common protocol.
I think a lot of those points are addressed.
The software is open source - so if yahoo attempts to scam users with this they will get caught very easily. Also, it will be downloaded using TLS encryption - so there is no chance of a MITM attack.
How will key signing work? I don't think people are going to verify the identity of the one they're encrypting to even if they know them personally. They generally won't care enough to understand why signing is important, and why you can't trust Yahoo when they say that a key belongs to a mail address (which is what it looks like is going on in the gif on the blog).
Good question. I am thinking that identity verification might be a part of the federated service.
For example - you would be sending an encrypted email to the person identified and verified as firstname.lastname@example.org by this federated service.
At least, that's how I think it would work.
>and why you can't trust Yahoo when they say that a key belongs to a mail address
Another good question. I think the engineering guy at Yahoo answered that:
"Along those lines, we will work with industry peers to build public key registry software that interoperates with other federated providers, is open source, and is transparent in the cryptographic sense. I.e. Yahoo and Google users should be able to send encrypted email to one another with ease, and if either company was forced to lie about the public keys of our respective users we would be caught because math."
And then of course, the problem would be how would this service identify and verify? Would it be done by a handful of corporations? What is the criteria to become a corporation that participates in this?
Maybe the owner of the mail server would just assume the verification / identity of the email holders.
Until using PGP is as easy as pulling up your gmail account and clicking 1 or 2 extra buttons in the Compose tab before sending, it will never be used by anybody except journalists and drug dealers.
Ah got it. Didn't lavabit shutdown - because they did server side encryption - but he was given an ultimatum to handover keys by NSA?
Just the public key of course, so that people can send you emails.
Want to expand on this >>47040282 for the sake of clarity.
In PGP, there are 3 keys associated with an email:
1. The session key - which is a one time secret key for the email.
2. The public key of the receiver (which is generally assumed to be available by everyone who has the receivers email) - which is used by the sender to encrypt the message AND session key.
3. Private Key - this is the secure key that only the receiver has - and this is used to decrypt the message on the receivers client side.
How public / private key pair encryption works on a high level is -> you encrypt a message with the public key of joe@xyz. Now only joe@xyz can decrypt this message because ONLY he has the private key which can be used to decrypt. The two keys are kind of like complements to each other.
The reason that Lavabit failed was that they had the private and public keys on their servers. We only had their "good faith" to believe they would not snoop or do something malicious. But in this case, only YOU will have the private keys, so no one - not even the NSA - would be able to read your emails without issuing YOU a warranty directly.
>The reason that Lavabit failed was that they had the private and public keys on their servers.
>end-to-end encryption of email done in js by the browser
Yeah, it's totally trustworthy. Also openmailbox.org done this before, not that I would use it. Protonmail does this, tho it uses some non-standard encryption scheme I guess.
>The software is open source - so if yahoo attempts to scam users with this they will get caught very easily.
They can replace the js code per session. Are you implying that people will verify the code against the hosted one every time they download the JS code? Not that it wouldn't be possible with some plugin and AFAIK LibreJS working on it, but there is no working solution right now.
Yahoo offers a pretty decent service. Disposable addresses. A terabyte storage.
While Outlooks unlimited storage is actually 5gb that grows if you dont receive too much mail, otherwise you reach their limit.
But the inbox ads of Yahoo are really terrible. And I dont like how you need to use txt message for two step verification.