Google has released an improved version of its existing End-to-End Chrome extension introduced a few months ago. The New version, which has been moved to Github, an opens source repository incorporates contributions from Yahoo and other industry experts.
Snowden’s revelation of massive spying on internet users marked a return on the crypto war of the 70’, smartphone makers moved in swiftly to enhance encryption on their devices amid protests from government agencies. Google introduced end to end encryption Chrome extension and promised to continue working on better encryption on all its products. Now the Silicon Valley tech giant has released an updated version of the existing end-to-end encryption browser extension to bolster the cyber security of its products.
Basically, End-to-end encryption means that data leaving your browser remains encrypted until it is decrypted by the recipient browser on the other end. It makes it nearly impossible for snoopy agencies to eavesdrop on private communication over the internet. End-to-end encryption is currently enabled by default in devices running on Google’s latest OS Lollipop.
The new release End-to End encryption announced on Tuesday, has more documentation from security researchers and industry experts. Google noted the immense contribution Yahoo’s security team lead by Alex Stamos who’ve been part of Google’s end-to-end project since August this year. “We’ve included several contributions from Yahoo Inc.,” read Google’s blogpost “we’re very happy to release the first fruits of this collaboration.”
Google’s said its previous End-to-end alpha release was marred by several vulnerabilities reported by various researchers. Two of the bugs earned a financial reward through the company’s Vulnerability Rewards Program. “One area where we didn’t receive many bug reports was in End-To-End’s new crypto library. On the contrary: we heard from several other projects who want to use our library, and we’re looking forward to working with them.” wrote Stephan Somogyi, Google’s product manager for security and privacy, in a blogpost.
Like with the previous end-to-end alpha release, the new updated version will still not be available in Chrome Web Store partly because Google believes the encryption project is still at its development stage and not ready to face the challenge a non-alpha crypto product. However, the search giant is promising a fully-fledged version next year.
“We don’t feel it’s as usable as it needs to be. Indeed, those looking through the source code will see references to our key server, and it should come as no surprise that we’re working on one. Key distribution and management is one of the hardest usability problems with cryptography-related products, and we won’t release End-To-End in non-alpha form until we have a solution we’re content with,” wrote Somogyi.
The source code of the new version has been moved to GitHub, an open source repository to allow more security researchers to make their contributions to the project. “We’ve always believed strongly that end-to-end must be an open source project, and we think that using GitHub will allow us to work together even better with the community,” says Google.
Top/Featured Image: By Danny Sullivan / Flickr (https://www.flickr.com/photos/dannysullivan/260699510/)