Good news for journalists wanting added protection from surveillance. Yahoo! has announced a technical preview of its email security tool End-to-End, which it has been developing in collaboration with Google. This is another milestone in the tech companies' efforts to protect users not just from outsiders, but also from the companies themselves.
Typically, journalists and their sources must rely on service providers to protect the privacy of communications. Providers not only need the technical proficiency to protect users from attackers of unparalleled skill, they must also have the ability to resist the legal and extralegal coercion of the governments in the countries where they do business--even when that coercion forces them to act against their core principles.
In the U.S., this coercion often takes the form of National Security Letters (NSLs) or warrants issued by the Foreign Intelligence Surveillance Court (FISC). These orders demand potentially vast quantities of data, but gag the recipients from ever talking about it.
Yahoo! was exposed to this in 2008, when the FISC commanded it to turn over mountains of private user data under the NSA's PRISM program. In 2014, after years of legal battles, Yahoo! revealed it had won the right to publicly discuss the case.
The FBI issues many thousands of NSLs per year. Much of the FISC's docket is classified, so it's hard to know how many orders it issues per year, but Department of Justice reports declassified in 2008 and 2014 hint at the scale. One thing's for certain though: the only unusual thing about Yahoo!'s situation is that it is now allowed to talk about it.
In response to these orders, some organizations have turned to a tactic known as warrant canaries. Rather than breaking the law by revealing that they have been subject to secret orders, the companies regularly publish statements that they have not received one. If that status changes, the company in question "kills the canary" by failing to publish a new statement. However, this tactic seeks only to blow the whistle on secret government intervention; it does nothing to stop it.
Evidently, that is not enough for Yahoo! and Google: End-to-End is designed to ensure that the companies have nothing to turn over, even if the government does come knocking.
End-to-End is named after the principle of end-to-end encryption, the most robust way to secure communications. Most online services use transport encryption, which protects information while it is being sent between a user and the central service provider. Transport encryption protects against interlopers seeking to intercept or access messages, but not against the service itself. The plain text of messages is still stored by the service provider. A sophisticated attacker can gain access to a user's messages by coercing the service provider--as with Yahoo! in 2008.
In an end-to-end cryptosystem, the plain text of a message is only available at the ends of the communication: to the sender and the recipient, but not the service provider. Messages are encrypted by the sender and can only be decrypted by the recipient. The service provider--and anyone who coerces the service provider--sees only garbled code. End-to-end encryption is the approach used by the standard email protection system GPG, as well as instant-messaging tools such as Cryptocat which use the OTR protocol, and secure phone and SMS apps Signal, Textsecure, and Redphone from software developer Open Whisper Systems.
The End-to-End application developed by Google and Yahoo! is based on the older GPG system for protecting email. Unfortunately, GPG was never very easy to use, and is even harder when using webmail systems such as Yahoo! Mail or Gmail. By making end-to-end encryption easy to use, End-to-End stands to make this robust level of security common among webmail users.
The more people Yahoo! and Google can convince to use End-to-End, the better for the companies and their users. If most messages on Gmail or Yahoo! Mail are encrypted, secret orders for fishing expeditions become less effective and it becomes easier for companies to fight the orders. The larger the community who easily send and receive end-to-end-encrypted messages, the more people can safely communicate with journalists, and that's great for a free press.
The End-to-End project started in July when Google announced an alpha version of the tool on its Security Blog. At the Black Hat security conference in Las Vegas in August, Yahoo! Chief Security Officer Alex Stamos announced that the tech company would be joining the project. During his presentation, Stamos revealed he had hired Yan Zhu, a software engineer who worked for tech-focused civil-liberties group Electronic Frontier Foundation, to help with its development. His ambitious plan: to make End-to-End available to all of Yahoo!'s 250 million worldwide users by the end of this year.
The technical preview Zhu and Stamos released at the SXSW Interactive festival in Texas earlier this month is not a finished version. The preview will allow outside developers and cryptographers to examine the code, identify problems, and report bugs. However, the progress that has been made for this release is considerable. A short comparison, which Yahoo! showed alongside the preview, suggests that End-to-End with Yahoo! Mail is considerably faster to set up and initially easier to use than GPG Tools, the current best-in-class for this sort of encrypted email.
Universal safety measures like this are vital tools for journalists. Between Google and Yahoo!, the End-to-End project has the potential to reach more than 750 million active users. This potential groundswell of adoption could lead to other email services building similar systems--making end-to-end encrypted email an easy default rather than a challenge for only the most dedicated.