Amazing. Twenty dollars a year for email service and still no full-session SSL/HTTPS ! Such a large company and yet they're not willing to protect their users from Firesheep and whatever else is out there by securing the entire webmail session. Heck, most free providers have full-time SSL nowadays ! I can't for the life of me figure out what Yahoo's excuse is for not providing it -- not even for paying customers !
I know a lot of people use and like Yahoo, but I for one am glad I closed my account years ago.