New Facebook Feature Shows Actual Respect for Your Privacy
01:10PM Tue 2 Jun, 2015
FACEBOOK JUST TOOK another surprising step towards securing your communications online.
The social network is launching new features to enable users to use the encryption standard OpenPGP to protect e-mail notifications sent by the company, and to share their public encryption keys with their friends or with the public. The feature is being rolled out to users starting today, according to an announcement on the company’s security blog.
PGP, short for “Pretty Good Privacy,” is a way of scrambling emails or other chunks of text in such a way that, in theory, only the intended recepient can read. To use PGP, you create a pair of keys — essentially long stings of letters and numbers used to encrypt and decrypt a message. One is a public key that you can share with everyone, and a private key that you keep a closely guarded secret. People can then use the public key to create a message that can only be deciphered using your private key. That way, even if someone is able to intercept your email, they can’t read the encrypted messages.
Incorporating PGP into Facebook could help protect activists who use the service for political organizing, though it won’t protect all Facebook communcations.
Facebook can use PGP to encrypt emails it sends you, such as new message notifications from other users or password reset requests. But messages sent from you to other Facebook users through Facebook itself will remain unencrypted. That means that if someone gains access to your Facebook account—or Facebook is forced to hand your account over to law enforcement—those messages will be readable. Still, if someone only has access to your email account, and not to your private encryption key or Facebook account, they won’t be able to reset your password or read private notifications sent to you from Facebook.
Wired