Security Expert: Yahoo's Email Encryption Needs Work

Security Expert: Yahoo's Email Encryption Needs Work 123

Posted by samzenpus on Thursday January 09, 2014 @03:08AM from the feeling-secure dept.

itwbennett writes "On Tuesday, Yahoo delivered on a promise that it made in October to enable email encryption for everyone by default by January 8. While this is a great step, the company's HTTPS implementation appears to be inconsistent across servers and even technically insecure in some cases, according to Ivan Ristic, director of application security research at security firm Qualys. For example, some of Yahoo's HTTPS email servers use RC4 as the preferred cipher with most clients. 'RC4 is considered weak, which is why we advise that people either don't use it, or if they feel they must, use it as a last resort,' Ristic said."

Security Expert: Yahoo's Email Encryption Needs Work

Search 123 Comments Log In/Create an Account

Comments Filter:

Re:Momentum (Score:5, Funny)

by Arker ( 91948 ) writes: on Thursday January 09, 2014 @03:38AM (#45904845) Homepage

Lots of these people actually think their email account is tied to their computer. They think they would have to get a new computer to change email accounts.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Security Expert: Yahoo's Email Encryption Needs Work 123

Security Expert: Yahoo's Email Encryption Needs Work More Login

Security Expert: Yahoo's Email Encryption Needs Work

Re:Momentum (Score:5, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot