back to article 'Good job, NSA! You turned Yahoo! into an encryption beast'

Yahoo! has announced major encryption improvements designed to thwart dragnet surveillance efforts by the likes of the NSA. Alex Stamos, Yahoo!'s recently appointed CISO (chief information security officer), said the internet giant has finished encrypting traffic between its data centres. Stamos also outlined a roadmap for …


This topic is closed for new posts.
  1. Rick Giles
    Black Helicopters


    But can they remove the NSA code from their servers now?

  2. Duncan Macdonald

    How long ?

    How long will it take the NSA to get the keys ?

    Once the NSA have the keys then the comms might just as well be in plain text.

    My guess is that the NSA have already got hold of the keys.

    "We are now encrypting all our traffic to reduce the public fear - don't worry NSA here is your copy of the keys"

    1. Dan 55 Silver badge

      Re: How long ?

      Can't do that with PFS. Each session has a different encryption key.

      Well done Yahoo (never thought I'd say that)...

    2. Anonymous Coward
      Black Helicopters

      How long will it take the NSA to get the keys ?

      Not very long...

      Because those yahoo's at yahoo know that they are required by law to hand them over...

      1. Anonymous Coward
        Anonymous Coward

        Re: How long will it take the NSA to get the keys ?

        Leaks by whistleblower Edward Snowden revealed that Google and Yahoo! data centre interconnects were being tapped by the Obama's NSA's spies as part of a programme code-named MUSCULAR.

        There. Fixed it for ya', seeing as Obama signed the Executive Order for MUSCULAR.

        1. Anonymous Coward
          Anonymous Coward

          Re: How long will it take the NSA to get the keys ?

          Bush signed THE PATRIOT act, which is quite terrifyingly worse. With the NSA you could almost apply "If you have nothing to hide you have nothing to fear... But boy will they dig deep!", with the Patriot act everyone is held in fear. You can be declared a terrorist for no significant reason and be held outwith due process just for stepping out of line.

          So, you lose.

          1. Anonymous Coward
            Anonymous Coward

            Re: How long will it take the NSA to get the keys ?

            Bush signed THE PATRIOT act

            So did Obama. Twice. Obama even expanded upon the PATRIOT act.

            What's your point?

            1. T. F. M. Reader

              Re: How long will it take the NSA to get the keys ?

              And FISA and the secret "courts", the legal foundations for the PATRIOT act and PRISM and MUSCULAR, date from 1978 (that's Carter). The only lesson of this history is that a two-party democracy is not guaranteed to act any better towards its citizens (or others) than one-party repressive regimes.

              To be fair, "is not guaranteed to" != "never does".

  3. Steve Knox

    I'm sure

    all sixteen of Yahoo's users appreciate this effort.

  4. Stevie


    Well, they had to do something to make it worthwhile navigating that eyeball-gougingly bad "user interface upgrade" they rolled out and snottily announced wouldn't be rolling back no matter how many people begged them to do so.

  5. Anonymous Coward
    Anonymous Coward

    What fools

    The masses of sheeple can't buy a clue. The NSA and other authorities are not the enemy they are the ones protecting your clueless arse. Nobody gives a rats arse about your e-mail or other conversations unless you are a crim or terrorist. Naturally if you are then you deserve what you get. The reason why governments don't divulge their security efforts is because of clueless sheeple who can't handle reality. Yahoo won't be able to stop authorities from properly monitoring conversations, as they should and that's a good thing.

    1. nsld
      Paris Hilton

      Re: What fools


      Why are you posting anonymously? Something to hide?

    2. Busby

      Re: What fools

      Obvious trolling and I shouldn't bite but...

      If you genuinely believe governments should be monitoring all electronic communications what the hell have you been smoking. How about in real life, lets imagine for a moment ten years down the line there are another series of leaks outlining how the government is using microphones and cameras on every connected device to monitor all conversations would you also think this is something they should be doing?

      I take it you view 1984 as an instruction manual rather than a cautionary tale?

      Sleepwalking into a total surveilance state has gone on for too many years mainly down to idiots parroting if you've nothing to hide then nothing to fear. Since your so certain no one is interested and theres no harm would you mind popping your email address and password on here?

      Just to clarify the reason governments aren't volunteering details on surveilance methods isn't because of clueless sheeple instead as we have discovered due to Snowdon it's because they are either illegal or a totally unnecessary invasion of privacy.

      How do you feel about the US monitoring all european communications, or if your that side of the atlantic how do you feel about GCHQ in the UK monitoring yours?

      AC because you work for who exactly? Guessing it's a company that makes a lot of money from selling the kit necessary for the monitoring or your an out and out shill.

      1. Tachikoma

        Re: What fools

        if you've nothing to hide then nothing to fear

        I pity the AI/serf that has to trawl through my inbox, lets have a look:

        Firebox spam

        Giffgaff spam

        Humble Bundle spam

        Amazon spam

        Sony spam

        Ebuyer spam

        Amazon spam again

        Ebuyer spam again

        HMV spam spam

        Would be nice to have something to at least blush over (other than my taste in books from Amazon) if someone was to intercept it...

        1. Ilsa Loving

          Re: What fools

          "Would be nice to have something to at least blush over (other than my taste in books from Amazon) if someone was to intercept it..."

          We see that you bought a copy of Sandra Hill's Rough and Ready. We... we'll stop looking at your stuff now.



    3. hapticz

      Re: What fools

      per the ratings, it seems there's more criminals reading and rating these comments. who you trust is quite a relative relationship these days, i dare say very few persons are 'as pure as the driven snow(den)' and most are in some way complicit in some crime or accessories to breaking some 'law'. lets start with the bare essentials, those who create these laws that protect specialized groups while eliminating ones who don't serve the needs of those specialized groups.

  6. Semtex451

    What! Happened! To! The! Stupid! Yahoo! Headline! System!

    I'm just asking.

    Somehow without a single question mark...


    1. rm -rf *.*

      Was! Wondering! The! Same! Thing! Myself!

      Don't! You! Change! On! Us! Now! El Reg!

      1. diodesign (Written by Reg staff) Silver badge

        Re: Was! Wondering! The! Same! Thing! Myself!

        There, fixed.


        1. James O'Brien

          Re: Was! Wondering! The! Same! Thing! Myself!

          And about time you fixed your mistake dio :P Stop slacking around the water cooler telling stories about your night out with a lovely young blonde from accounting and get back to making sure these headlines are right :P

          God I love these comments.

  7. chuckufarley Silver badge

    ..." the project to improve security at Yahoo! will never be completed."

    I am sure it won't.

  8. Da Andersson

    Such a waste of time

    Asychronous encryption i.e RSA is not safe. Any encryption software

    from a US company is vulnerable to US court orders and RSA back doors.

    We also know that AES 256 takes a couple of weeks to crack but that

    means we can protect information with a news value.

    But despite any attempts from the World and his dog to protect information by

    encryption is doomed to fail as someone always keep an un-encrypted copy

    on US soil or accessible from the US and by that accessible by the US courts

    even if it protects from casual snooping by NSA.

    The only full protection is bespoke hardware encryption devices and an

    intelligent key distribution scheme. Any software based encryption schemes

    are just doomed to fail!

  9. Anonymous Coward
    Anonymous Coward

    A few hackers at Yahoo stops NSA reading emails.



  10. Anonymous Coward
    Anonymous Coward

    Conspiracy theory to the max

    So what if Snowden was a plant to make the US companies go all in with encryption to protect them from Chinese hackers?

    If only that was the case.

    1. hapticz

      Re: Conspiracy theory to the max

      intel agencies do seem to come up with some clever chess moves too. makes for good entertainment at least. the problem is, humans are a dicey blob of fairly predictable emotional reactions, making very little real use of their grey matter, and instead relying on their proclivity to have sex (and offspring) as a hedge against extinction.

  11. southpacificpom

    Yahoo hosted email

    Does this mean that the Yahoo hosted email service which my ISP uses won't be compromised every month now. Not that I use that poorly hosted shit anyway but at least normal users might get a less frustrating experience.

  12. Barrie Shepherd

    ha Ha Ha

    All the naughty boys are now using Yahoo to avoid the NSA Hahaha - the NSA are already there waiting with the decrypt keys.

This topic is closed for new posts.

Other stories you might like