Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

I'm all for computer dating, but I wouldn't want one to marry my sister.


computers / comp.mobile.android / Google adds client-side encryption to Gmail and Calendar

SubjectAuthor
* Google adds client-side encryption to Gmail and CalendarNewsKrawler
`- Re: Google adds client-side encryption to Gmail and CalendarJoerg Lorenz

1
Google adds client-side encryption to Gmail and Calendar

<ttmrv4$1etd0$1@paganini.bofh.team>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=38168&group=comp.mobile.android#38168

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!paganini.bofh.team!not-for-mail
From: newskr...@krawl.org (NewsKrawler)
Newsgroups: comp.mobile.android
Subject: Google adds client-side encryption to Gmail and Calendar
Date: Wed, 1 Mar 2023 06:39:33 -0000 (UTC)
Organization: To protect and to server
Message-ID: <ttmrv4$1etd0$1@paganini.bofh.team>
Injection-Date: Wed, 1 Mar 2023 06:39:33 -0000 (UTC)
Injection-Info: paganini.bofh.team; logging-data="1537440"; posting-host="nDb7tZ7UQVYri04syWnKjQ.user.paganini.bofh.team"; mail-complaints-to="usenet@bofh.team"; posting-account="9dIQLXBM7WM9KzA+yjdR4A";
Cancel-Lock: sha256:SvLe4lp/NZrBNXiCG1+ZvvvGX5nstRLvHXd2Y/w2b74=
X-Notice: Filtered by postfilter v. 0.9.3
 by: NewsKrawler - Wed, 1 Mar 2023 06:39 UTC

https://arstechnica.com/information-technology/2023/02/google-adds-client-side-encryption-to-gmail-and-calendar-should-you-care/
Google adds client-side encryption to Gmail and Calendar. Should you care?
New service occupies a middle ground between E2EE and mere server-side
encryption.

On Tuesday, Google made client-side encryption available to a limited set
of Gmail and Calendar users in a move designed to give them more control
over who sees sensitive communications and schedules.

Client-side encryption is a generic term for any sort of encryption that's
applied to data before it's sent from a user device to a server. With
server-side encryption, by contrast, the client device sends the data to a
central server, which then uses keys in its possession to encrypt it while
it's stored. This is what Google does today. (To be clear, the data is sent
encrypted through HTTPS, but it's decrypted as soon as Google receives it.)

Google's client-side encryption occupies a middle ground between the two.
Data is encrypted on the client device before being sent (by HTTPS) to
Google. The data can only be decrypted on an endpoint machine with the same
key used by the sender. This provides an incremental benefit since the data
will remain unreadable to any malicious Google insiders or hackers who
manage to compromise Google servers.

Abbreviated as CSE, client-side encryption was already available for Google
Drive, Docs, Slides, Sheets, and Meet for users of Google Workspace, which
the company sells to businesses. Starting on Tuesday, Google is rolling it
out to customers of Gmail and Calendar Workspace.

"Workspace already encrypts data at rest and in transit by using
secure-by-design cryptographic libraries," Ganesh Chilakapati, Google's
group product manager for Google Workspace, and Andy Wen, director of
product management for Google Workspace security, wrote. "Client-side
encryption takes this encryption capability to the next level by ensuring
that customers have sole control over their encryption keys-and thus
complete control over all access to their data."

It's probably an exaggeration to say Google's CSE gives customers "sole
control" of their encryption keys. That's because CSE keys can be managed
by a handful of external encryption key services that partner with Google.
Technically, that means these providers will have at least some control
over the keys. Google does give CSE users the option of setting up their
own key service using a Google programming interface.

CSE is significantly different from PGP (Pretty Good Privacy) mail
encryption that was popular with security-minded people a decade ago. That
system offered true end-to-end encryption since the contents could only be
decrypted with a key in the recipient's possession. The difficulty of
managing a different key for each party eventually proved too cumbersome,
particularly at scale, so the use of PGP has largely vanished and been
replaced with end-to-end encryption apps such as Signal.

Re: Google adds client-side encryption to Gmail and Calendar

<ttmt5g$1f8f4$1@solani.org>

 copy mid

https://www.novabbs.com/computers/article-flat.php?id=38169&group=comp.mobile.android#38169

 copy link   Newsgroups: comp.mobile.android
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!reader5.news.weretis.net!news.solani.org!.POSTED!not-for-mail
From: hugyb...@gmx.ch (Joerg Lorenz)
Newsgroups: comp.mobile.android
Subject: Re: Google adds client-side encryption to Gmail and Calendar
Date: Wed, 1 Mar 2023 08:00:00 +0100
Message-ID: <ttmt5g$1f8f4$1@solani.org>
References: <ttmrv4$1etd0$1@paganini.bofh.team>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 1 Mar 2023 07:00:00 -0000 (UTC)
Injection-Info: solani.org;
logging-data="1548772"; mail-complaints-to="abuse@news.solani.org"
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0)
Gecko/20100101 Thunderbird/102.8.0
Cancel-Lock: sha1:Obog6jxo2NxCpIy132rfjgTAuSc=
Content-Language: de-CH
X-User-ID: eJwFwYEBwCAIA7CXZNKWnaOM/n/CEmwGW0kwYZglqk7euqvmlUE2JyYw+9yWIK/dj8P+Mn4TXhEa
In-Reply-To: <ttmrv4$1etd0$1@paganini.bofh.team>
 by: Joerg Lorenz - Wed, 1 Mar 2023 07:00 UTC

Am 01.03.23 um 07:39 schrieb NewsKrawler:
> https://arstechnica.com/information-technology/2023/02/google-adds-client-side-encryption-to-gmail-and-calendar-should-you-care/
> Google adds client-side encryption to Gmail and Calendar. Should you care?
> New service occupies a middle ground between E2EE and mere server-side
> encryption.

..
..
..

> CSE is significantly different from PGP (Pretty Good Privacy) mail
> encryption that was popular with security-minded people a decade ago. That
> system offered true end-to-end encryption since the contents could only be
> decrypted with a key in the recipient's possession. The difficulty of
> managing a different key for each party eventually proved too cumbersome,
> particularly at scale, so the use of PGP has largely vanished and been
> replaced with end-to-end encryption apps such as Signal.

I switched to Apple's End-to-End-Encryption on the iCloud recently. I do
not like halfbaken solutions like this Google encryption.

--
Gutta cavat lapidem (Ovid)

1
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor