The new encryption system doesn’t require external exchange of keys or complex user certificate management
Complete with backdoors
Submitted 1 day ago by BrikoX@lemmy.zip to technology@lemmy.zip
https://www.csoonline.com/article/3952075/google-adds-end-to-end-email-encryption-to-gmail.html
The new encryption system doesn’t require external exchange of keys or complex user certificate management
Complete with backdoors
Later this year, when the feature is fully implemented, Workspace users with E2EE enabled will be able to send encrypted messages to any external email users. Instead of the message, recipients will receive a link that, when clicked, will take them to a restricted version of Gmail where they need to authenticate with the organization’s chosen identity provider to view the decrypted message. External users will also be able to reply within the same restricted Gmail interface.
How can it be end2end then? If you don’t have some kind of public key of your recipient but they are still able to read the message once they proofed their identity, that means that the secret to decrypt the mail is stored on Google servers and/or part of the link which is send in a non-encrypted plain-text mail.
I just see vendor lock-in. A closed source solution?
End to end encryption already exists for email without everyone using the same service. Using open source solutions.
How many services has google canceled through the years? What happens to email send by this when that alphabet department looses a turf war? Unrelated : how can anyone reasonably trust this company to keep secrets?
9tr6gyp3@lemmy.world 1 day ago
Google waving its huge cock around again. Cant play nice with the decentralized world of email. They HAVE to keep everything locked in their own ecosystem.