Yahoo bolsters encryption to thwart surveillance
SAN FRANCISCO >> Yahoo has added more layers of security in its effort to shield people’s online lives from government spying and other snooping.
The measures announced Wednesday include the completion of a system that encrypts all information being transmitted from one Yahoo data center to another. The technology is designed to make the emails and other digital information flowing through data centers indecipherable to outsiders.
Search requests made from Yahoo’s home page are also now automatically encrypted, and the Sunnyvale, Calif., company is promising to make it more difficult for unauthorized intruders to hack into other services, including video chats, within the next few months. Yahoo strengthened the security of its email in January.
“Whether or not our users understand it, I feel it’s our responsibility to keep them safe,” Alex Stamos, Yahoo’s recently hired chief information of security, told a small group of reporters.
Stamos, a former security consultant, joined Yahoo Inc. less than a month ago as part of the company’s anti-snooping crusade.
Yahoo and other major technology companies such as Google Inc. and Microsoft Crop. have made online security a top priority during the last 10 months amid a series of revelations about U.S. government programs that have vacuumed up personal information about millions of Web surfers in an effort to thwart terrorism. The wide-ranging surveillance has been outlined in documents leaked to the media by former National Security Agency contractor Edward Snowden.
Don't miss out on what's happening!
Stay in touch with top news, as it happens, conveniently in your email inbox. It's FREE!
The technology industry’s indignant response has been driven by financial self-interest as well as an aversion to government prying. Most Internet services make money from ads that could be more difficult to sell if spying fears cause their audiences to shrink.
Yahoo, which has more than 800 million worldwide users, vowed late last year to encrypt its data centers by March 31 after reports that the U.S. government had been secretly infiltrating the lines that transfer information overseas.
Yahoo still lags behind Google’s encryption efforts. In an interview Wednesday, Stamos said Yahoo hasn’t been able to move as fast as it wants because many of its services rely on content and ads provided by thousands of other companies, including some that aren’t convinced that they need to encrypt.
For that reason, Yahoo’s widely used news, sports and finance sections still aren’t automatically encrypted. Visitors to those services can trigger an encrypted service by typing in “https” before the website’s address. Yahoo is confident that it will be able to persuade its content and advertising partners to take the steps needed to enable automatic encryption of those services later this year.
“Some partners already understand this is the way the wind is blowing,” Stamos said. “We are moving to a world where all content is encrypted all the time.”