{"id":3785,"date":"2014-08-11T10:00:48","date_gmt":"2014-08-11T14:00:48","guid":{"rendered":"http:\/\/me-en.kaspersky.com\/blog\/?p=3785"},"modified":"2020-02-26T18:58:56","modified_gmt":"2020-02-26T14:58:56","slug":"yahoo_end_to_end_encryption","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/yahoo_end_to_end_encryption\/3785\/","title":{"rendered":"Yahoo to Encrypt All Email, Data Center Connections"},"content":{"rendered":"<p>LAS VEGAS \u2013 For a long time, Yahoo failed to implement default encryption across its many web services, lagging behind many of its rivals in terms of security and privacy and attracting the scorn of digital advocacy groups as a result. However, over the last year or so, the company has gotten very serious about encryption very fast, and is rapidly moving toward a place where its adoption of encryption and its security and privacy posture are on par with the likes of Google and Microsoft.<\/p>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2014\/08\/05111551\/14850679454_c69f0b169d_o-1024x682-1.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-5655 size-large\" src=\"https:\/\/me-en.kaspersky.com\/blog\/files\/2014\/08\/14850679454_c69f0b169d_o-1024x682-1-1024x682.jpg\" alt=\"14850679454_c69f0b169d_o\" width=\"1024\" height=\"682\"><\/a><\/p>\n<p style=\"text-align: center\"><em><span style=\"color: #222222\">Image via Black Hat USA 2014<\/span><\/em><\/p>\n<p>Yahoo says it will enable end-to-end encryption for all of its Mail users next year, meaning the contents of user mail will be encrypted from the user\u2019s machine, through Yahoo\u2019s servers and all the way along to the recipient. The company is working with Google on the project and the encryption will be transparent and easy to use.<\/p>\n<div class=\"pullquote\">\u201cPost-Snowden, we have a strain of nihilism that\u2019s keeping us from focusing on what\u2019s real. We as an industry have failed. We\u2019ve failed to keep users safe.\u201d<\/div>\n<p>In a briefing at Black Hat this week in Las Vegas, Nevada, Alex Stamos, the somewhat newly appointed chief information security officer at Yahoo, said that the project is and has been a priority throughout his tenure.<\/p>\n<p>Yahoo is <a href=\"https:\/\/threatpost.com\/yahoo-to-release-end-to-end-encryption-for-email-users\/107653\" target=\"_blank\" rel=\"noopener nofollow\">reportedly<\/a> using a browser plugin Google released for Chrome in June that enables <a href=\"https:\/\/www.kaspersky.com\/blog\/chrome_ext_encrypt_data_leaving_browser\/\" target=\"_blank\" rel=\"noopener nofollow\">end-to-end encryption of all data leaving the browser<\/a>. The partnership between Yahoo and Google is important, Stamos explained, because it will ensure that communication between Yahoo Mail and Gmail users are strongly encrypted.<\/p>\n<p>\u201cThe goal is to have complete compatibility with Gmail,\u201d Stamos said Thursday.<\/p>\n<p>Other security improvements for Yahoo include the implementation of HSTS (HTTP strict transport security, which allows Web sites to force encrypted connections on a user\u2019s browser, and certificate transparency, which uses public logs of trusted certificate authorities and the certificates they endorse in order to stem website spoofing and other man-in-the-middle attacks.<\/p>\n<p>These moves should significantly improve Yahoo\u2019s marks on the Electronic Frontier Foundation\u2019s annual \u201c<a href=\"https:\/\/www.kaspersky.com\/blog\/eff-report\/\" target=\"_blank\" rel=\"noopener nofollow\">Who\u2019s Got Your Back?<\/a>\u201d and <a href=\"https:\/\/www.kaspersky.com\/blog\/whos-using-encryption-whos-not\/\" target=\"_blank\" rel=\"noopener nofollow\">encryption reports<\/a>. Of course, far more important than that, it means users will be able to communicate securely and privately with far less fear of eaves dropping regardless of their level of technical savvy.<\/p>\n<p>\u201cPost-Snowden, we have a strain of nihilism that\u2019s keeping us from focusing on what\u2019s real,\u201d Stamos said. \u201cWe as an industry have failed. We\u2019ve failed to keep users safe.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>Former laggard @Yahoo is making strong improvements in #security and #privacy with #crypto implementation<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2FxYf5&amp;text=Former+laggard+%40Yahoo+is+making+strong+improvements+in+%23security+and+%23privacy+with+%23crypto+implementation\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>Yahoo plans to implement end-to-end encryption for all of its mail users, giving normal, non-technical users the power to communicate securely and privately.<\/p>\n","protected":false},"author":42,"featured_media":3786,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5],"tags":[740,261,43,97,751],"class_list":{"0":"post-3785","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"tag-black-hat","9":"tag-encryption","10":"tag-privacy","11":"tag-security-2","12":"tag-yahoo"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/yahoo_end_to_end_encryption\/3785\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/yahoo_end_to_end_encryption\/3878\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/yahoo_end_to_end_encryption\/4270\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/yahoo_end_to_end_encryption\/5654\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/yahoo_end_to_end_encryption\/4492\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/yahoo_end_to_end_encryption\/5654\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/yahoo_end_to_end_encryption\/5654\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/black-hat\/","name":"black hat"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/3785","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/42"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=3785"}],"version-history":[{"count":2,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/3785\/revisions"}],"predecessor-version":[{"id":15890,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/3785\/revisions\/15890"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/3786"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=3785"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=3785"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=3785"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}