Yahoo is finally turning SSL encryption on by default for its email users, after claims the National Security Agency had acquired masses of address books from the company and its rivals.
The latest NSA leaks indicated Yahoo contact lists were far more targeted than others. On a single day last year, the NSA’s Special Source Operations grabbed 444,743 email address books from Yahoo, considerably more than 105,068 from Hotmail, 82,857 from Facebook and 33,697 from Gmail.
If that was a typical day, the Washington Post reported, the NSA could be collecting as many as 250 million address books a year from email and instant messaging bodies.
These contact books don’t just contain a name and an email or IM contact, but address and telephone details too.
The reason why Yahoo is being targeted far more than others may be because of its lack of SSL by default, which provides encryption around communications. Starting in January, it will encrypt all of its users’ email, a spokesperson said.
The other providers named in the report have all had HTTPS communications turned on by default for some time.
Facebook and Google said they were unaware of any NSA targeting of their users’ contact books, whilst Microsoft said it “would have significant concerns if these allegations about government actions are true”.
It appears the NSA is harvesting the data when it is in transit, not at rest, by tapping pieces of Internet infrastructure. If true, it would not have to collude with any of those Internet giants to get at the data.
Whilst Yahoo has proven it fought US intelligence data requests vociferously in the past, the company has faced criticism over its security. It was lambasted for offering security researchers a $12.50 voucher for finding vulnerabilities last month and subsequently pushed out a full bug bounty programme.
Its email users were left open to attacks earlier in the year, thanks to some failed software patches.
Are you a security expert? Try our quiz!
American space agency prepares for testing of Boeing's Starliner, to ensure it has two space…
As UK and Europe develop closer military ties, European Commission says it will invest €1.3…
Zuckerberg seeks to revive Facebook's original spirit, as Meta launches Facebook Friends tab, so users…
Notable development for Meta, after appeal against 2021 WhatsApp privacy fine is backed by advisor…
First sign of shake-up under new CEO Lip-Bu Tan? Three Intel board members confirm they…
Trump's nominee for SEC Chairman, Paul Atkins, has pledged a “rational, coherent, and principled approach”…
View Comments
Here is some simple tips to boost your Yahoo Email Security: http://www.purevpn.com/blog/boost-your-yahoo-email-security-with-these-simple-tips/