Yahoo is to follow Google in rolling out end-to-end encryption for users of its email service in a bid to keep users' correspondence private.
Announcing the move at the Black Hat security conference in Las Vegas, Yahoo's chief security officer Alex Stamos said that, from the Autumn, it would be rolling out PGP encryption to users.
This will be offered through a modified version of technology used by Google to secure its Gmail service. It will be enabled via a browser plug-in.
A few months ago, Google also announced plans to offer a Chrome browser extension to allow its users to encrypt emails. Yahoo's encryption will be compatible with that of Google's.
Two users with the plug-in enabled will be able to send each other emails with the data encrypted, making it unreadable to anyone but the sender and recipient. While it's been possible to encrypt emails for a number of years, such technology has been beyond the capabilities of most people. The plug-ins aim to simplify this process.
"If an activist in Sudan wants to email a human rights organization's gmail address and they have encryption set up for it, it will automatically detect that and offer them the option to encrypt," Stamos told delegates at the conference.
While the subject line won't be encrypted, the rest of the main body of content will. Such encryption means that neither Yahoo nor Google would then be able to scan through the content in order to serve up matching advertising. Stamos, however, predicted there would be no adverse impact on revenue by introducing the measure.
The firm has also updated its mobile email apps for the iPhone and iPad. In a tweet, Stamos said this mobile app will natively run the encryption found in the browser plug-in.
The updated apps will also enhance search functionality, making it easier for users to find people and messages they require via its Smart Search Suggestions.
Android versions of the email app are expected in the coming weeks.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
ThreatLabz Report: The state of encrypted attacksWhitepaper What's hiding in your web traffic?
-
Capita tells pension provider to 'assume' nearly 500,000 customers' data stolenCapita told the pension provider to “work on the assumption” that data had been stolen
-
Gumtree site code made personal data of users and sellers publicly accessibleNews Anyone could scan the website's HTML code to reveal personal information belonging to users of the popular second-hand classified adverts website
-
Pizza chain exposed 100,000 employees' Social Security numbersNews Former and current staff at California Pizza Kitchen potentially burned by hackers
-
83% of critical infrastructure companies have experienced breaches in the last three yearsNews Survey finds security practices are weak if not non-existent in critical firms
-
Identity Automation launches credential breach monitoring serviceNews New monitoring solution adds to the firm’s flagship RapidIdentity platform
-
Neiman Marcus data breach hits 4.6 million customersNews The breach took place last year, but details have only now come to light
-
The worst hacks of all timeIn-depth Yahoo, LinkedIn, Facebook, here is a quick guide to some of the biggest data breaches in history
