Yahoo CISO: End-to-end Mail encryption by 2015

Summary: At Black Hat USA 2014, Yahoo's CISO announced in a presentation that consumers will be seeing end-to-end encryption in its Mail product by 2015.

Today at Black Hat USA 2014, Yahoo's CISO announced in a presentation that consumers will be seeing end-to-end encryption in its Mail product by 2015.

Announcing a new PGP plugin that piggybacks off of Google'sPGP plugin, Alex Stamos told the audience at his talkBuilding Safe Systems at Scale - Lessons from Six Months at Yahoothat this project has been a priority since he joined Yahoo Inc. six months ago.

Recruited for the project is (now former) EFF staff technologist Yan Zhu.

In the Thursday talk, Stamos told attendees that Yahoo is using the end-to-end encryption plugin that Google released a few months ago, with the plan of having both Yahoo Mail and Gmail able to exchange encrypted mail between the services seamlessly and easily.

IT Security in the Snowden Era

The Edward Snowden revelations have rocked governments, global businesses, and the technology world. When we look back a decade from now, we expect this to be the biggest story of 2013. Here is our perspective on the still-unfolding implications along with IT security and risk management best practices.

The move is a step in the right direction for security teams endeavoring to bring ecncryption to consumers, which faces challenges around ease of use for the ordinary user.

Encryption has followed security's traditional quandary of easy versus secure. Basically, if anything [in tech] is easy to use, lots of people will use it -- but security and simplicity seldom go hand-in-hand.

Stamos directly referenced the 'post-Snowden era' of consumer privacy and security as the impetus for his push at Yahoo to his Black Hat audience.

Excerpt from:
Yahoo CISO: End-to-end Mail encryption by 2015