Response to Snowden revelations aims to make encryption the default for all traffic through Yahoo

This article is more than 6 years old

This article is more than 6 years old

Yahoo has announced major steps to encrypt its users' data in the wake of whistleblower Edward Snowden’s revelations about the extent of government surveillance of private citizens.

Alex Stamos, Yahoo’s recently appointed chief information security officer, said on Wednesday his ultimate aim was to make sure “all traffic through Yahoo will be encrypted by default”.

The company set out details of its moves in a blog post. They include:

Traffic moving between Yahoo data centres is now fully encrypted.



Yahoo has enabled encryption of mail between its servers and other mail providers.



The Yahoo homepage and all search queries that run on it have https encryption enabled by default.



Yahoo News, Yahoo Sports, Yahoo Finance, and Good Morning America on Yahoo can be encrypted by typing “https” before the site URL in their web browser.



A new, encrypted, version of Yahoo Messenger will be deployed within months to stop mass government spying on webcam chats .



Stamos, a well-known security researcher, was an outspoken critic of the National Security Agency’s (NSA) mass surveillance programme before he joined Yahoo.

He said the moves would make it much more difficult for governments, or other parties, to collect information wholesale from the public.

“The goal is all traffic to and from Yahoo users is going to be encrypted all the time by default, and invisibly. This is not going to be something you have to think about all the time,” he said. “Preventing surveillance of millions of people at a time is totally within our abilities,” Stamos said.

Yahoo was working with thousands of partners to make sure encryption was as widespread as possible, and pushing media partners and advertisers to encrypt by default.

“What we are hoping to do by this is to get a big chunk of the internet and advertising infrastructure gets separated and then it gets easier for people to fall behind and follow,” he said.

“Anything we can do to protect users against widespread, no-targeted surveillance is our duty,” he said.

Stamos said he had not spoken to government representatives about the changes. Yahoo, with rivals including Google, Facebook and Microsoft, has been pressing for more oversight of the government’s surveillance of users after a fierce backlash over the extent of their involvement with the NSA.

Stamos said Yahoo’s chief executive, Marissa Mayer, was intimately involved in the project.

“The reason I took this job is because she is very into the trust and safety of users,” he said.