Internet giant Google has rowed into the debate over cyber-snooping on ordinary people by the NSA by releasing a source code for a new extension for its Chrome browser that makes it easier for people to encrypt their email.
The move should rattle the NSA which has been capitalising on the sad reality that people simply don’t deploy encryption tools like PGP and GnuPG because they require a great deal of technical expertise.
The new tool, entitled End-to-End is a Chrome extension intended for users who need additional security.
“End-to-end” encryption means data leaving your browser will be encrypted until the message’s intended recipient decrypts it, and that similarly encrypted messages sent to you will remain that way until you decrypt them in your browser.
However, the encryption tool End-to-End won’t be appearing in the Chrome Web Store right away.
Google is sharing the code today so that the community can test and evaluate it to make sure it is fully secure before people start relying on it.
To emphasise its intent, Google is offering financial rewards for finding security bugs in its code via the Vulnerability Reward Program.
“Your security online has always been a top priority for us, and we’re constantly working to make sure your data is safe,” said Stephan Somogyi, product manager, Security and Privacy.
“For example, Gmail supported HTTPS when it first launched and now always uses an encrypted connection when you check or send email in your browser. We warn people in Gmail and Chrome when we have reason to believe they’re being targeted by bad actors. We also alert you to malware and phishing when we find it.
“While end-to-end encryption tools like PGP and GnuPG have been around for a long time, they require a great deal of technical know-how and manual effort to use.
“To help make this kind of encryption a bit easier, we’re releasing code for a new Chrome extension that uses OpenPGP, an open standard supported by many existing encryption toolsl,” Somogyi said.
Encryption image via Shutterstock