Facebook offers HTTPS encryption

Powered by SC Magazine
 

Sacrifices some of its apps.

Facebook has taken heed of calls to bolster its security, announcing an "opt-in" session encryption feature that temporarily threatens the functionality of many of its apps customers.

"If you've ever done your shopping or banking online, you may have noticed a small "lock" icon appear in your address bar, or that the address bar has turned green," explained Facebook security engineer, Alex Rice, on Wednesday.

"This indicates that your browser is using a secure connection ("HTTPS") to communicate with the website and ensure that the information you send remains private."

Facebook's new security feature comes at a price for both customers and users, according to Rice, which may explain why Facebook had not deployed the feature earlier.

"Some Facebook features, including many third-party applications, are not currently supported in HTTPS. We'll be working hard to resolve these remaining issues," said Rice.

Another cost to users was that encrypted pages may take longer to load. "You may notice that Facebook is slower using HTTPS," Rice warned.

Facebook's opt-in strategy appears to have been aimed at harm-minimisation for its apps customers, with the feature requiring activation via Facebook's Account Settings page.

The new security feature follows concerns raised over Facebook's lack of HTTPS after session hijacking tool Firesheep was released last year. The tool exploited security gaps available when users accessed Facebook from public WiFi hotspots.

Rice recommended users consider enabling the option if they regularly accessed Facebook from, for example, at libraries or coffee shops.

The new feature would be available in the coming weeks while a default encrypted session may be on the cards, according to Rice.

"We hope to offer HTTPS as a default whenever you are using Facebook sometime in the future," he said.

Copyright © iTnews.com.au . All rights reserved.


Facebook offers HTTPS encryption
 
 
 
Top Stories
Earning the right to innovate
Breaking down the barriers to innovation is a long, but rewarding process, says Bank of Queensland Group CIO, Julie Bale.
 
A call for timely reporting
[Blog post] Businesses need incentives to keep customer data secure.
 
Doubts cast on Queensland's ICT Dashboard
Opposition, former Govt CIO say it can't be trusted.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  25%
 
Application integration concerns
  3%
 
Security and compliance concerns
  29%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  22%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  5%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 819

Vote