Browse archive

Latest news

CISOs need to engage with the board

Wi-Fi client security weaknesses still prevalent

Find TrueCrypt and BitLocker encrypted containers and images

Sourcefire goes beyond the sandbox

The CSO perspective on healthcare security and compliance

Jailed hacker designs device to thwart ATM card skimming

U.S. Congress has questions about Google Glass and privacy

Cyber espionage campaign uses professionally-made malware

Form-grabbing rootkit sold on underground forums

Large cyber espionage emanating from India

Over 45% of IT pros snitch on their colleagues

Thoughts on the need for anonymity

IT security jobs: What's in demand and how to meet it

Hacking charge stations for electric cars

HTTPS for Yahoo! Mail is now available

Posted on 09 January 2013.

Yahoo has finally decided to offer to the users of its popular Yahoo! Mail service the option of encrypting their entire webmail session by switching on the Secure Sockets Layer (SSL) cryptographic protocol, the Electronic Frontier Foundation reports.

The protocol is meant to prevent attackers to eavesdrop on the users' electronic communication, especially when using public wifi hotspots, and its use is signalized by the HTTPS expression preceding the URL.

Unfortunately, Yahoo hasn't switched on SSL by default, but has left to users the option to enable it in their accounts. Yahoo! Mail users are advised to do so in their account Options (click on the screenshot to enlarge it):

Of the largest webmail providers, Google (Gmail) and Microsoft (Hotmail) have made the same move in 2010 - Google in the wake of the Aurora attacks, and Microsoft started with HTTPS enabled for login soon after.

It now remains to be seen if AOL will finally follow suit.