Having previously made HTTPS default for Yahoo Mail and encrypting mail between Yahoo services and other mail providers that support the SMTPTLS standard, Yahoo has gone a step further. It has announced that traffic between Yahoo data centers is now encrypted, as of March 31.
Revelations about NSA spying programs that leaked in the past year detailed how links between data centers can be targeted for spying programs.
Yahoo pledged to protect its customers by deploying encryption technologies across its services back in November 2013, and so far seems to be on track with the promises made by Marissa Mayer, Yahoo President and Chief Executive Officer.
Other steps taken by Yahoo include switching on HTTPS by default on the Yahoo Homepage and most Yahoo properties. The web giant also implemented the latest in security best-practices, including supporting TLS 1.2, Perfect Forward Secrecy and a 2048-bit RSA key for many of its global properties, and is working to eventually bring all Yahoo sites up to this standard.
An encrypted version of Yahoo Messenger has been promised too, and will be delivered "in coming months."
Yahoo's move follows similar steps taken by Google to protect consumer privacy and rebuild confidence damaged by revelations made by Edward Snowden. The search giant also encrypts traffic as it moves between data centers, and its GMail service uses HTTPS by default.
Written by: James Delahunty @ 3 Apr 2014 4:02
