YAHOO IS SHORING UP its systems and applying a thick layer of encryption to its services.
The firm is swathing its email, searches and data transfers in a cloak that should protect them from the US National Security Agency (NSA). New hire Alex Stamos, who is Yahoo's CISO, said that the added protection is the result of hard work that began in November 2013.
"When I joined Yahoo four weeks ago, we were in the middle of a massive project to protect our users and their data through the deployment of encryption technologies," he said.
"Hundreds of Yahoos have been working around the clock over the last several months to provide a more secure experience for our users and we want to do even more moving forward. Our goal is to encrypt our entire platform for all users at all time, by default."
These plans are well advanced, he said, and now users can do things like enter HTTPS at the start of a Yahoo website address and bask in additional security. Yahoo already shored up its email service in January, and Stamos said that all data that travels between its data centres is now fully encrypted.
There is more to come from the firm and Stamos wants to encourage other companies to follow Yahoo's lead.
"One of our biggest areas of focus in the coming months is to work with and encourage thousands of our partners across all of Yahoo's hundreds of global properties to make sure that any data that is running on our network is secure," he added. "Our broader mission is to not only make Yahoo secure, but improve the security of the overall web ecosystem."
Yahoo is also planning to add HTTP Strict Transport Security (HSTS), Perfect Forward Secrecy and Certificate Transparency to its services in the coming months.
Encryption will also be added to Yahoo Messenger. µ
It's time for our regular two-step through the Google news
Bug bounty offer: accepted