Yahoo Announces Move to SSL for Sites and Encryption Between Data Centers
Yahoo appears to no longer be willing to be the NSA’s favorite provider of information. Ars Technica reports
In the wake of revelations about the National Security Agency’s monitoring of traffic on the private international fiber links connecting the data centers of Google and Yahoo, Google stepped up its efforts to encrypt internal server traffic and block such monitoring. Now, Yahoo has announced its own plans to encrypt all information that travels between data centers by early next year.
In addition to encrypting traffic between its data centers by March of 2014, Yahoo is also moving to apply SSL encryption across all its websites within the same time frame.
Yahoo is coming off the recognition as being the NSA’s favorite source of data on anyone and anything and that revelation didn’t settle very well with Yahoo CEO Marissa Mayer. She outlined her take in a post on the Yahoo blog. Here it is in its entirety.
We’ve worked hard over the years to earn our users’ trust and we fight hard to preserve it.
As you know, there have been a number of reports over the last six months about the U.S. government secretly accessing user data without the knowledge of tech companies, including Yahoo. I want to reiterate what we have said in the past: Yahoo has never given access to our data centers to the NSA or to any other government agency. Ever.
There is nothing more important to us than protecting our users’ privacy. To that end, we recently announced that we will make Yahoo Mail even more secure by introducing https (SSL – Secure Sockets Layer) encryption with a 2048-bit key across our network by January 8, 2014.
Today we are announcing that we will extend that effort across all Yahoo products. More specifically this means we will:
-Encrypt all information that moves between our data centers by the end of Q1 2014
-Offer users an option to encrypt all data flow to/from Yahoo by the end of Q1 2014
-Work closely with our international Mail partners to ensure that Yahoo co-branded Mail accounts are https-enabled.
As we have said before, we will continue to evaluate how we can protect our users’ privacy and their data. We appreciate, and certainly do not take for granted, the trust our users place in us.
These are strange days indeed in the online world. The promise of sharing information has turned into the reality of being targeted in some ways. The balance between national safety and personal privacy is not in balance at all.
There’s nothing really to say here because this is a classic “it is what it is” scenario. The big players are going to have to battle this out on the behalf of their users and the users are going to need to decide just how much they want to be ‘available’ in the online world.
What is your position here both as a marketer and an Internet user?