Will Google’s new email encryption tool save us from the NSA?

Reuters/Francois LenoirMy answer to this question:  NO!

RT News

Google has released code of its new open source End-to-End encryption extension to be tested for bugs and back doors by security experts. While it claims to be an effective privacy guard, it leaves the main question of whether it’s NSA-proof open.

The Google team believes that its new End-to-End tool will allow users to easily encrypt their emails on the go.  

What the Google team did is that they took an already existing open-source encryption standard OpenPGP, which now is rather complicated for a general user as it requires serious technical expertise, and made a product suitable for anyone. Later, when the draft tool is finalized, it would be transformed into a standard extension package for Google’s Chrome browser.

The main difference of the new tool is that it requires a recipient to own a similar program for decrypting the message, otherwise instead of a meaningful letter the receiver would get a set of meaningless symbols.

However promising it might sound, the end-to-end encryption technology does not eliminate the possibility of a government agency such as the NSA reading your emails.

But to do so they’d have to get connected directly to your computer to be able to get the message deciphered easily instead of intercepting it in accordance with a secret court order to decipher it later. This would imply much greater technical and computing resources than the NSA is currently believed to have.

“It’s important that the government not overstep,” Google’s chief of security Eric Grosse said in an interview recently. “We don’t want any government breaking the security of the Internet.”

To a certain point communication giants like Google, Microsoft and Yahoo remained hesitant about the end-to-end encrypted email protocol for a simple reason – that would cut them from additional profits they obtain by gathering personal data from messages and further selling it to those interested in targeted advertising. That’s the main reason behind these companies’ decision last year not to sign the Dark Mail Alliance proposed by communications providers Lavabit and Silent Circle.

But the scandal around the NSA’s global surveillance forced technology companies to change their politics.

With a lot of money spent on introducing encryption technologies on the company’s servers, Google is now preparing to make the companies that lag behind with encryption investments feel ashamed for the lack of security in communications they provide.

Now that the biggest companies have become so much privacy-conscious they introduce new encryption methods – what has actually changed?

According to the files leaked by the former NSA contractor Edward Snowden, the NSA has direct access to leading companies’ servers – Google included – and simply copies the dataflow in full.

Moreover, the NSA even started developing a “quantum computer” capable of breaking all kinds of encryption.

So, it appears that no browser add-on can guarantee 100 percent security from the totalitarian surveillance effort of the US government.

And then there’s more bad news, experts say. The communication giants wouldn’t invest into encryption technologies if they don’t expect to at least recoup their money later. And the NSA would need a larger budget to adapt to the new “secure” communication rules of the game.


4 thoughts on “Will Google’s new email encryption tool save us from the NSA?

  1. “Will Google’s new email encryption tool save us from the NSA?”

    Answer: NO

    If this encryption software add-on came from anyone else other than Google, I would say: MAYBE

    “Moreover, the NSA even started developing a “quantum computer” capable of breaking all kinds of encryption.”

    This statement is almost laughable; the NSA allegedly cannot even combat hackers. Although many of the hackers are already NSA employees or, become NSA employees when their operations are uncovered.

    If I am not mistaken, Edward Snowden said he utilized triple encryption, which can still be broken but not as easily.

  2. Trust me, I know about this stuff.
    If I was running a surveillance op, I would be grabbing people’s data before it was encrypted and after it was decrypted. I have a little frebie DRM dodger for grabbing video, what it looks to be doing is recording pictures from my screen’s top window. What it’s really doing is grabbing the data at the presentation level of the ISO 7 layer model, before it is sent to the screen or network. Simples.
    To do the same with text data and install a process to copy the data to a temp file and send it to a server would be just as easy. I’ve never been invlined to do things like that but was well paid for protecting against such stunts. People really should read “The Girl With The Dragon Tattoo Trilogy”

Join the Conversation

Your email address will not be published.