A new, encrypted Yahoo Messenger is also in the works

Apr 3, 2014 07:10 GMT  ·  By

Yahoo has just announced that all traffic moving between its data centers is now fully encrypted as of March 31.

The announcement comes just a few weeks after Google made a similar announcement regarding Gmail. Both companies are reacting to media reports based on Edward Snowden’s leaked documents regarding the NSA’s efforts to hack into the connections between their data centers, a place where communications were unencrypted.

Yahoo has been putting in an effort to make sure its users’ data is safe, adding more and more security layers ever since the NSA scandal broke through last summer.

For instance, in January, the company made browsing more secure by enabling HTTPS by default. Last month, Yahoo has also enabled encryption of mail between its servers and other mail providers that support the SMTPTLS standard.

The search queries run through the Yahoo homepage and most Yahoo properties also benefit from HTTPS encryption.

The company has also implemented the latest in security best-practices, including supporting TLS 1.2, Perfect Forward Secrecy and the 2048-bit RSA key for Homepage, Mail and Digital Magazines. All Yahoo sites will be brought up to this standard in the coming months.

“Users can initiate an encrypted session for Yahoo News, Yahoo Sports, Yahoo Finance, and Good Morning America on Yahoo (gma.yahoo.com) by typing “https” before the site URL in their web browser,” the announcement reads.

Furthermore, Yahoo Messenger is also under works. An encrypted version will be launched in the coming months.

“Hundreds of Yahoos have been working around the clock over the last several months to provide a more secure experience for our users and we want to do even more moving forward. Our goal is to encrypt our entire platform for all users at all time, by default,” explains the company’s Alex Stamos, Chief Information Security Officer.

As for the company’s mission, Stamos says that it wants to improve the security of the overall web ecosystem. On top of the work on Yahoo products, the company will encourage thousands of its partners across Yahoo’s global properties to make sure that any data running in the network is secure.

Additional security measures such as HSTS, Perfect Forward Secrecy and Certificate Transparency are going to be implemented in the coming months as well. Sine network security always needs to be protected, Yahoo promises to continue its work to make sure data is protected from attacks and surveillance that violates user privacy.