Yahoo Joins Google Effort to Encrypt Email

Discussion in 'privacy technology' started by ronjor, Aug 7, 2014.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,790
    Location:
    Texas
  2. guest

    guest Guest

    Preventing the court to inspect a suspect's data. Really? ಠ_ಠ
     
  3. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    I would be truly impressed if they managed such a thing.

    I wonder if they'll go the ProtonMail route (where the provider has the user's private key, but it's encrypted by a passphrase that only the user knows) or the full Enigmail-style.

    Maybe Microsoft will sign on, given the recent loss re their Irish data.
     
  4. guest

    guest Guest

    In a perfect world, maybe yes. But we don't live in a perfect world and these claims are only an attempt to make them look good and preserving their own userbase. Come on, I believe you should know better than me. ;)

    Great, I'm posting in privacy related forum section yet again. Didn't realize I was doing it. :D
     
  5. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    You're always welcome :)
     
  6. Tipsy

    Tipsy Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    207
    Does it mean Yahoo or Google still will be able to read your email while you write it (or in the auto-save drafts), and it is only after it is sent they no longer can?

    I doubt they will accept to give up too much access to users email.

    And, of course, they still have the metadata.
     
  7. Tipsy

    Tipsy Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    207
    "In early 2008, Microsoft Corp.'s product planners for the Internet Explorer 8.0 browser intended to give users a simple, effective way to avoid being tracked online. They wanted to design the software to automatically thwart common tracking tools, unless a user deliberately switched to settings affording less privacy.

    That triggered heated debate inside Microsoft.
    . . .
    In the end, the product planners lost a key part of the debate. The winners: executives who argued that giving automatic privacy to consumers would make it tougher for Microsoft to profit from selling online ads. Microsoft built its browser so that users must deliberately turn on privacy settings every time they start up the software.
    . . .
    When he heard of the ideas, Mr. McAndrews, the executive involved with Microsoft's Internet advertising business, was angry, according to several people familiar with the matter. Mr. McAndrews feared the Explorer group's privacy plans would dramatically reduce the effectiveness of online advertising by curbing the data that could be collected about consumers.
    . . .
    When Microsoft released the browser in its final form in March 2009, the privacy features were a lot different from what its planners had envisioned.
    . . .
    Advertising groups say they were pleased, too. "They ended up with something pretty excellent," says Mr. Rothenberg of the Interactive Advertising Bureau."

    http://online.wsj.com/news/articles/SB10001424052748703467304575383530439838568
     
  8. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,522
    Location:
    USA - Back in a real State in time for a real Pres
    It's just for show. When the 3 letter agencies ask Yahoo even if they join Google (for which encryption is just a show also) Yahoo will give them what they want at the speed of light, realtime or faster.
     
  9. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    I will stick to supporting offshore email buisness. Excuse my pessimism.
     
  10. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    It amazes me that they only just started using HTTPS last year: https://www.eff.org/deeplinks/2013/01/yahoo-mail-makes-https-available

    I think a lot of these larger email service providers are realizing they're going to have to up their security to compete, which isn't bad. I wouldn't rely on Yahoo mail personally, but it's good that their millions of users are at least getting some better security measures in place (better late than never I guess).


    I just use https://www.wilderssecurity.com/find-new/607084/posts
     
  11. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    Let's see how they are going to implement the encryption first and if they will have access to the private keys or not...

    I have a Yahoo! email account (among many others) since 2001, but I never had any problems with it. I wonder why are people so reluctant about using Yahoo?
     
  12. guest

    guest Guest

    It's true that users will get a better security measure with this, and I honestly support this move despite my distaste of Yahoo. But saying no to the court is just not possible. They will surely put some holes on purpose in case legal actions were taken.

    And I often don't pay attention to the forum section names under the thread titles. My bad. :D
     
  13. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    As long as accounts aren't anonymous, courts can demand passphrases from users.

    I would be very impressed if Google and Yahoo go the full PGP/GnuPG route. However, I don't see how they could do that while allowing access from multiple devices. That's why I suspect that they'll go with the ProtonMail approach.
     
  14. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    I've used it in the past, like mid 2000s. It's not that it's 100% bad, it's just I feel in this age of zero-knowledge email services (where the host can't even read what you store), OpenPGP, etc, there's better providers to choose from.

    The issues I have with Yahoo/Hotmail/Gmail are that they're designed for the majority of people (anyone 13 to 104 years old) to use easily, without cost (free). When they do that, then you'll usually find these services have to dumb down their security, along with placing ads.

    The issue with ads is:
    http://blog.opendns.com/2014/05/29/no-more-ads/

    So that's part of my reasoning. The other is, again, I used yahoo for a few years, then gmail, and only this past year have I started using countermail. It's good to shop around every few years, see what else is available.
     
  15. Techwiz

    Techwiz Registered Member

    Joined:
    Jan 5, 2012
    Posts:
    539
    Location:
    United States
    Yahoo is one of my main provider for everyday mail. I can easily register for promotions using disposable e-mails and unsubscribe from junk mail with unsubscribe. But I'm honestly thinking of switching services since they implemented the new knock off g-mail layout due to some trouble that I've been experiencing. Sicne the switch, it's become impossible to accurately and efficiently sort mail by sender. You have to use a search engine to filter e-mail results, which would be fine if it returned the correct results. Instead it kicks back dozens of e-mails that are unrelated. At first I thought this was because some of these e-mails might have social media links embedded within the e-mail content, subject header, etc.. But after careful review, this initial hypothesis was disproved. Secondly, when moving content from one folder to another location it drops it in the inbox. Forcing me to then search for the e-mail that I just moved (re-selecting them 1 by 1) and then attempt to move them a second time. I end up transferring e-mail correctly, but it requires additional effort on my part to do all of these steps at least twice. It's not like I trust these companies to handle my security and privacy. I've come to expect incompetence and greed, but to try to emulate your competitors instead of diversifying your products is just frankly stupid. Yahoo didn't even do a good job of emulating g-mail with the new layout. I'm starting to see a trend with performance issues across applications and other web services as companies move towards this metro or modern UI. There is a delay in launching applications and the GUIs are buggy as hell. Now they think they can tackle encryption. This should be amusing to watch.
     
  16. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,088
    At this point I'd say we don't know whether users will in fact get better security. That will depend on the final architecture, how secure it is from all the different angles, how open and widely supported it becomes (outside advertising oriented companies), what effects it will have on client side software and choices, whether better solutions get crowded out, and what choices people make.

    Arguably, we're talking about some (advertising!) companies that you should NEVER share personal information (even metadata) with, and especially not personally identifiable information or email addresses tied to personally identifiable information somewhere. I think there is the potential for one step forward (better email encryption for a *subset* of one's communications), 2 or more steps back (exposing other communications and personal info to such companies).
     
  17. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    An interesting take on the fact that Yahoo! might loose money from ads if they will encrypt the mails:

    http://www.forbes.com/sites/kashmirhill/2014/08/07/yahoo-end-to-end-encryption/

     
  18. guest

    guest Guest

    HA HA HA YES! :D Somehow people keep forgetting that Google and Yahoo are ad companies. And so they say these ad companies should respect users' privacy. That's just not going to happen. Tailored ads are just too effective.
     
    Last edited by a moderator: Aug 11, 2014
  19. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
  20. RollingThunder

    RollingThunder Registered Member

    Joined:
    Nov 21, 2013
    Posts:
    187
    Location:
    https://www.eff.org/issues/anonymity
    Finally some sense. Yeah, as if Yahoo or Google will ever have secure email. What you have to ask yourself is who is the customer when you are using a free system. The customer is the person or entity paying the bill the advertiser. That model will never be secure. Couple all that with mistrust of large corporations.

    Maybe the Google CEO Eric Schmidt honestly told his position on privacy in a 2009 interview with CNBC ,"if you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place". Of course Schmidt is defending Google and not taking into account a given persons right to free expression of speech and ideas without Gov't or in this case corporate surveillance (becoming one in the same). If we live in a society where we cannot express ourselves personal liberty is then dead.

    Yeah right ... big corps and privacy. What has happened to the Dark-Mail Alliance? Anyone hear any reports from Ladar Levison?
     
  21. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
Loading...
Thread Status:
Not open for further replies.