On Thursday, Yahoo announced it will join Google Inc. to create a secure email system by next year that could make it almost impossible for hackers or ISPs and law enforcement to read users' messages.
Yahoo and Google together make up the vast majority of webmail users. Right now, there are over 425 million Gmail users, with Yahoo Mail usage estimated at 273 million.
Yahoo Chief Information Security Officer Alex Stamos officially disclosed at the Black Hat security conference in Las Vegas that his company intends to roll out end-to-end encryption in its email service starting in the fall of this year. The encryption capability will be provided via modified version of the same end-to-end browser plug-in that Google uses for PGP in Gmail.
It means that, at least in the short term, Yahoo and Gmail users can reportedly send safe and secure messages between the two services. The contents of an email protected by end-to-end encryption are hidden and cannot be successfully intercepted. The messages cannot be decrypted by any intermediary, including the webmail provider themselves.
"What this means is that eventually not only will Yahoo Mail users be able to communicate in an encrypted manner with other Yahoo Mail users, but also with Gmail users and eventually with other email systems that adopt similar methodologies," Stamos said in a statement.
Encryption in webmail is difficult to enforce for various reasons. At present it’s extremely difficult for most people to use, and tech giants have concerns about losing users if their services slacken because of encryption.
In order to improve the encryption Yahoo will be leveraging the security community, similar to Google's approach. Yahoo will come up with the encryption source code sometime in the fall, so that the open source community can help ameliorate the experience and look for bugs, Stamos said in a statement.
"We don't have any other providers to talk about yet, but the hope is that this is open and will be adopted by many others in the email ecosystem," said a Yahoo spokeswoman.
The latest move comes as large technology companies join forces to bolster their defences against government spying and hacking, most notably after former NSA contractor Edward Snowden exposed last year the National Security Agency's bulk collection of phone and email communications. Tech titans are making encryption a bigger priority than before.