Posted November 19, 2013 6:42 am by with 2 comments

Tweet about this on TwitterShare on LinkedInShare on Google+Share on FacebookBuffer this page

online-security-padlockYahoo appears to no longer be willing to be the NSA’s favorite provider of information. Ars Technica reports

In the wake of revelations about the National Security Agency’s monitoring of traffic on the private international fiber links connecting the data centers of Google and Yahoo, Google stepped up its efforts to encrypt internal server traffic and block such monitoring. Now, Yahoo has announced its own plans to encrypt all information that travels between data centers by early next year.

In addition to encrypting traffic between its data centers by March of 2014, Yahoo is also moving to apply SSL encryption across all its websites within the same time frame.

Yahoo is coming off the recognition as being the NSA’s favorite source of data on anyone and anything and that revelation didn’t settle very well with Yahoo CEO Marissa Mayer. She outlined her take in a post on the Yahoo blog. Here it is in its entirety.

We’ve worked hard over the years to earn our users’ trust and we fight hard to preserve it.

As you know, there have been a number of reports over the last six months about the U.S. government secretly accessing user data without the knowledge of tech companies, including Yahoo. I want to reiterate what we have said in the past: Yahoo has never given access to our data centers to the NSA or to any other government agency. Ever.

There is nothing more important to us than protecting our users’ privacy. To that end, we recently announced that we will make Yahoo Mail even more secure by introducing https (SSL – Secure Sockets Layer) encryption with a 2048-bit key across our network by January 8, 2014.

Today we are announcing that we will extend that effort across all Yahoo products. More specifically this means we will:

-Encrypt all information that moves between our data centers by the end of Q1 2014
-Offer users an option to encrypt all data flow to/from Yahoo by the end of Q1 2014
-Work closely with our international Mail partners to ensure that Yahoo co-branded Mail accounts are https-enabled.

As we have said before, we will continue to evaluate how we can protect our users’ privacy and their data. We appreciate, and certainly do not take for granted, the trust our users place in us.

These are strange days indeed in the online world. The promise of sharing information has turned into the reality of being targeted in some ways. The balance between national safety and personal privacy is not in balance at all.

There’s nothing really to say here because this is a classic “it is what it is” scenario. The big players are going to have to battle this out on the behalf of their users and the users are going to need to decide just how much they want to be ‘available’ in the online world.

What is your position here both as a marketer and an Internet user?

  • Every secure system has a point of failure. These companies will give Al Qaeda operatives some protection for a while but eventually the governments will get back in. The stakes are too high.

  • traffikator

    That does not say much, if the encryption keys are known. Of course you can use unbreakable military grade encryption, but the data is only as safe as the safety of the encryption key private or public, whichever they keep. She did not say how secure the key will be kept and how they will be able to leak ooops! I mean inform the public that the Government somehow got a hold of the encryption key and has requested the data. The best way to secure user data, is for the users to start out with a clean non-compromised machine and encrypt locally then transmit that data to the destination and if it has to be saved on remote systems, that it will be safe also.