When Edward Snowden tried to contact Glenn Greenwald for the first time, he needed to make a whole video tutorial about how to use PGP (opens in new tab) before he could safely inform Glenn about the story. Yet after all of that trouble, Glenn still wasn't able to figure out how to make it work, which led to him almost missing the whole Snowden revelations story.
This was a lesson for many that current security tools aren't nearly as usable as they should be for normal people who aren't highly technical (which is sometimes a minimum requirement for some of these tools). Tools that are meant to be very secure are usually difficult as it is, but that gets compounded by the fact that many of them are open source -- as they should be, for increased confidence that they aren't backdoored -- and open source projects don't always result in the most beautiful or usable products.
That's an unfortunate status quo right now. The only way we can get most people to encrypt their communications is by having tools and services doing it for them in the background, without any other technical action being required from the user. It would also be of great help if users didn't have to switch from their beloved services or apps in order to use this kind of strong security.
Google wants to help open source security tools reach this goal with the launch of a new organization called Simply Secure.
“We believe that people shouldn’t have to make a trade-off between security and ease of use. This is why we’re happy to support Simply Secure, a new organization dedicated to improving the usability and safety of open-source tools that help people secure their online lives," said a security researcher from Google.
Google's "Simply Secure" organization will be offering its help to open source security tools like the ones from Open Whisper Systems, The Guardian Project, Off-the-Record Messaging and more. This new project from Google follows others meant to improve online security, such as:
- Core Infrastructure Initiative, where Google joins many other tech giants to fix and improve the security of software that's critical for the web's infrastructure
- Project Zero, where a team of expert hackers look for zero-day bugs in all sorts of software
- End-to-End – Google's browser extension for easily encrypting e-mails client-side before sending them to others (which means nobody, not even Google can look at them)
Hopefully, this is just the beginning of a new era for a much more secure Internet, where everyone's web usage and communications are secured with strong encryption, and regular users don't have to be technically-inclined to benefit from that.