After more than a year of pressure, Yahoo is finally encrypting all its users’ emails, automatically, via Secure Sockets Layer (SSL).
That means it’s going to be a little more difficult for some governments to track those emails. It’s not to say, however, that Yahoo Mail is impervious to more advanced spies like the National Security Agency or its partner agencies around the world. But it’s long overdue: privacy advocates have been openly pushing Yahoo to make the move for more than a year, and Gmail made the move back in 2008. Yahoo did finally give their user the option to use SSL—denoted by HTTPS in your browser’s URL bar—back in January 2013.
It’s not all roses, however. Prominent security researcher Ashkan Soltani described Yahoo’s HTTPS as “using the crappiest cipher suites available.”
Yahoo has previously put forth a good face when it comes to protecting users’ communications from snooping eyes. It was the sole American tech company to contest the NSA‘s demands for users’ data, which it did in 2008. News of that case was hidden from the public until after former contractor Edward Snowden leaked evidence of the NSA’s domestic surveillance programs.
Of course, whether your favorite email provider uses good HTTPS, or uses it at all, is a moot point if you follow the EFF’s advice and install HTTPS everywhere.
Photo by FutUndBeidl/Flickr (Remix by Fernando Alfonso III)