Movement on all things data security has really picked up in recent months. Thanks in part to numerous high profile data breaches which I feel I keep mentioning, it’s the new hot topic; significant pushes have been made to bolster the earthworks around people’s information, from IT to the national level.
At Google, email is the latest focus for encryption efforts; that is, protecting users’ messages in transit, where they are often susceptible to theft by any lurking interceptors, whether individual actors or government surveillance. To that end, Google is releasing a new Chrome browser add-on called End-to-End, designed to facilitate use of the complex encryption standard Pretty Good Privacy (PGP).
The impetus behind this drive? It’s possible the Snowden leaks that revealed (unsurprisingly) illegal government spying are a major factor. Let’s face it, as of now, the NSA is probably going to get at what the NSA wants, like a bloodthirsty mantis shrimp smashing an oyster shell with its superheated bullet claw. Something like Google’s new extension, however, could in fact frustrate government efforts on that front.
Another factor: only 69 percent of Gmail’s outgoing emails are encrypted, according to a Google report, while even less (half) are encrypted during delivery of inbound emails from other services. What this signals is a distinct lack of email encryption among certain major email providers, some of whom Google also made a point of calling out in its report. Comcast was one of the most egregious offenders, with less than 1 percent of Gmail messages outbound to Comcast recipients being encrypted. Verizon fared little better. After all, in order for emails to be secured, the providers on both ends must have in place the necessary security tools—and until now, the aforementioned telecommunications giants had not shown up to the party.
Clearly, though, having Google publicly question your lack of encryption policy is like Phil Jackson accusing you of being a selfish basketball player, because Comcast wasted no time (literally, almost no time, just a few hours) in announcing beta testing of TLS (Transport Layer Security, the same type Gmail supports) encryption to ensure their users’ messages are protected in transit. Comcast spokesman Charlie Douglas emphasizes the seriousness of their intent, which, if true, just might inspire other layabouts to follow suit and get cracking on their own email encryption policies.
Now, if only it were so easy to call out the cable companies and ISPs on their net neutrality nonsense.
No comments:
Post a Comment