Yahoo to encrypt all internal and user data by early next year

Marissa Mayer, by way of the official Yahoo Tumblr, has announced the plans to begin encrypting more data. This follows the recent news about encrypting Yahoo Mail. The mail encryption is coming by January 8, 2014 and promises https (SSL – Secure Sockets Layer) encryption with a 2048-bit key. This next phase of encryption is set to go into effect during Q1 2014.

According to details posted, this latest round of encryption will include information that moves between the Yahoo data centers as well as information that flows to and from Yahoo. Specifically here, the two items break down as follows;

  • Encrypt all information that moves between our data centers
  • Offer users an option to encrypt all data flow to/from Yahoo

This will be applied across all Yahoo products and are both expected to be in place by the end of Q1 2014. Along with these two bits, there was also mention of Yahoo working with international Mail partners to help ensure co-branded mail accounts are also https-enabled.

While this appears to be in response to recent reports of the National Security Agency (NSA) access Yahoo data, Mayer did also take this as an opportunity to remind users they have "never given access to our data centers to the NSA or to any other government agency." To drive the point home, that last bit was followed by another "Ever."

Anyway, it is not clear if this would fully block or stop the NSA from (not so) secretly accessing user data from Yahoo, but it sounds like a step in the right direction. And if nothing else, while these steps may not be enough to prevent NSA access, it should be enough to help keep user data a bit safer from the average snooping eyes.

SOURCE: Yahoo