Yahoo makes encryption promise, citing NSA spying

With CEO Marissa Mayer reiterating that “Yahoo has never given access to our data centers to the NSA or to any other government agency. Ever,” the Internet giant announced today that it is working to encrypt all data that passes through its data centers by the end of the first quarter of 2014.

The move follows efforts by Yahoo and other tech companies such as Google, Facebook and Microsoft try to hang on to or restore public trust after revelations that the National Security Agency is collecting data on the companies’ users.

For example, the companies have petitioned the government to let them share more information about the number of NSA user-data requests they receive. And last month came reports that the NSA was secretly tapping into Yahoo and Google data passing through servers outside the United States.

The companies are stuck between a rock and a hard place: the perception that they are cooperating with the government and turning over user data — which they say they do only when legally compelled to do so — or the perception that their security measures are weak.

This morning’s encryption promise also follows Yahoo’s earlier stated commitment to encrypt Yahoo Mail by Jan. 8. But as Mike Murphy wrote for SiliconBeat recently, Yahoo is coming late to a party already being attended by Google, Facebook and Microsoft. However, after reports that the NSA has already cracked today’s common encryption technology, Yahoo and the other companies are working to implement stronger security measures such as 2048-bit key encryption — which reportedly isn’t expected to be easily cracked till 2030.


Photo of Yahoo headquarters by Getty Images



Tags: , , ,


Share this Post

  • TROWA07

    Its only the connections? google is already using SSL. but they still got snooped. How about email encryption and PKI?