Yahoo to Make SSL Encryption Default for All Mail Users in 2014

Yahoo is finally getting serious about users’ security.

Encryption will be the default setting for all users logging into Yahoo’s e-mail service beginning Jan. 8, the company told The Washington Post. “Yahoo takes the security of our users very seriously,” the company said in an e-mailed statement to the publication.

Although Yahoo has offered SSL encryption as an option to users since January, users must turn it on themselves if they want enhanced privacy. The option will be switched on for all Yahoo users early next year.

The feature “encrypts your mail as it moves between your browser and Yahoo’s servers,” according to the company.

Yahoo is definitely late to the SSL encryption party.

Google enabled HTTPS-only — a communications protocol for secure communication over a computer network — by default for all Gmail users three years ago.

Microsoft made SSL the default for it e-mail service in July of 2012 and Facebook set it as a default for U.S. users in February and globally in July.

“Yahoo Mail has lagged behind competitors such as Hotmail (in the process of being rebranded Outlook.com) and Gmail by not allowing users to access their email through HTTPS,” writes security expert Graham Cluley on the Sophos Naked Security blog.

“If you don’t have full-session HTTPS turned on for your webmail, anybody on your Wi-Fi network could read any of the emails you write and receive using a tool like FireSheep, as they are transmitted from Yahoo to your browser. That’s because, without HTTPS, they are sent as unencrypted text.”

Yahoo received a letter from privacy advocates late last year asking the company to up the security for Yahoo Mail.

The letter from the Electronic Frontier Foundation, ACLU, Reporters Without Borders and several other organizations asked Yahoo CEO Marissa Mayer to implement HTTPS by default to better protect its users.

“Over the last several years, Yahoo has repeatedly been urged by security experts to adopt HTTPS, but has taken no visible steps to do so. Unfortunately, this delay puts your users at risk, which is particularly disturbing since Yahoo Mail is widely used in many of the world’s most politically repressive states,” the letter reads. “There have been frequent reports of political activists and government critics being shown copies of their e-mail messages as evidence during interrogation sessions, underscoring the importance of providing basic measures to protect the privacy of e-mail. Where online communications platforms are essential channels for the free flow of information and outlets for expression, offering HTTPS by default is a critical step that Yahoo must take to blunt some of the effects of mass surveillance and censorship.”

Yahoo’s decision will no doubt be applauded, but will also be seen as a better late than never measure.


Facebook Buys Israeli Mobile Analytics Firm Onavo

October 15, 2013

Facebook has acquired Israeli start-up Onavo to bolster its data-saving capabilities as it spearheads internet.org, a project with the goal of making Internet access available to five billion new households by 2023.

The mobile analytics firm, which was acquired for an undisclosed sum, will play an important role in achieving Facebook’s goal of using data more efficiently in developing countries.

The idea behind Onavo, which was launched three years ago, is to help  “technology consumers and companies work more efficiently in a mobile world,” co-founder and CEO Guy Rosen and co-founder and CTO Roi Tiger said in a joint blog post Sunday.

“We’re excited to join their team, and hope to play a critical role in reaching one of internet.org’s most significant goals — using data more efficiently, so that more people around the world can connect and share,” the post reads. “When the transaction closes, we plan to continue running the Onavo mobile utility apps as a standalone brand. As always, we remain committed to the privacy of people who use our application and that commitment will not change.”

Onavo’s Tel-Aviv office is to become Facebook’s new Israeli office once the deal goes through.

Facebook and its internet.org partners — Ericsson, MediaTek, Nokia, Opera, Qualcomm and Samsung — recently released a white paper that lays out the group’s strategy.


What’s new for designers - 2013

The July edition of what’s new for web designers and developers includes new web apps, JavaScript resources, iOS 7 development tools, responsive design tools and frameworks, icons, e-commerce solutions, image apps, coding resources, and some really great new fonts.

Many of the resources below are free or very low cost, and are sure to be useful to a lot of designers and developers out there.

With Froont you can design websites directly in the browser with a simple drag and drop interface


Tabulous.js can be used with any contents you choose in the tabs and it is simple to use. It is a jQuery tabs module that offers a number of transition options, including scaling, sliding, and more with full documentation.


The Opa Framework for Java Script makes it simple to simultaneously write frontend and backend code in the same language, in the same module. It’s fully compatible with all standard JS libraries, includes database automation, and has HTML5 native support among other features.