When the NSA surveillance news broke last year it sent shockwaves
through CERN, the particle physics laboratory in Switzerland. Andy Yen, a
PhD student, took to the Young at CERN Facebook group with a simple message: “I am very concerned about the privacy issue, and I was wondering what I could do about it.”
There was a massive response, and of the 40 or so active in the discussion, six started meeting at CERN’s Restaurant Number 1, pooling their deep knowledge of computing and physics to found ProtonMail, a gmail-like email system which uses end-to-end encryption, making it impossible for outside parties to monitor.
Encrypted emails have actually been around since the 1980s, but they are extremely difficult to use. When Edward Snowden asked a reporter to use an end-to-end encrypted email to share details of the NSA surveillance program the reporter couldn’t get the system to work, says Yen.
“We encrypt the data on the browser before it comes to the server,” he explains. “By the time the data comes to the server it’s already encrypted, so if someone comes to us and says we’d like to read the emails of this person, all we can say is we have the encrypted data but we’re sorry we don’t have the encryption key and we can’t give you the encryption key.”
“We’ve basically separated the message that’s encrypted apart from the key – all the encryption takes place on your computer instead of our servers, so there’s no way for us to see the original message.”
This is different from all other systems, says Yen. While Gmail has implemented some encryption, they still have the encrypted message and the key to decrypt the message.
While half the team is now at MIT, some are still in Switzerland where the ProtonMail’s servers are housed for extra protection. “One of the key things we want to do is control our servers and make sure all the servers are in Switzerland which will increase privacy because Switzerland doesn’t do things like seize servers or tape conversations,” says Yen. This will help avoid a situation where the U.S government could forcibly shut them down, says Yen, similar to what happened to Lavabit last year.
Read more: The Only Email System The NSA Can't Access - Forbes
There was a massive response, and of the 40 or so active in the discussion, six started meeting at CERN’s Restaurant Number 1, pooling their deep knowledge of computing and physics to found ProtonMail, a gmail-like email system which uses end-to-end encryption, making it impossible for outside parties to monitor.
Encrypted emails have actually been around since the 1980s, but they are extremely difficult to use. When Edward Snowden asked a reporter to use an end-to-end encrypted email to share details of the NSA surveillance program the reporter couldn’t get the system to work, says Yen.
“We encrypt the data on the browser before it comes to the server,” he explains. “By the time the data comes to the server it’s already encrypted, so if someone comes to us and says we’d like to read the emails of this person, all we can say is we have the encrypted data but we’re sorry we don’t have the encryption key and we can’t give you the encryption key.”
“We’ve basically separated the message that’s encrypted apart from the key – all the encryption takes place on your computer instead of our servers, so there’s no way for us to see the original message.”
This is different from all other systems, says Yen. While Gmail has implemented some encryption, they still have the encrypted message and the key to decrypt the message.
While half the team is now at MIT, some are still in Switzerland where the ProtonMail’s servers are housed for extra protection. “One of the key things we want to do is control our servers and make sure all the servers are in Switzerland which will increase privacy because Switzerland doesn’t do things like seize servers or tape conversations,” says Yen. This will help avoid a situation where the U.S government could forcibly shut them down, says Yen, similar to what happened to Lavabit last year.
Read more: The Only Email System The NSA Can't Access - Forbes
No comments:
Post a Comment