Facebook offers HTTPS encryption

Powered by SC Magazine
 

Sacrifices some of its apps.

Facebook has taken heed of calls to bolster its security, announcing an "opt-in" session encryption feature that temporarily threatens the functionality of many of its apps customers.

"If you've ever done your shopping or banking online, you may have noticed a small "lock" icon appear in your address bar, or that the address bar has turned green," explained Facebook security engineer, Alex Rice, on Wednesday.

"This indicates that your browser is using a secure connection ("HTTPS") to communicate with the website and ensure that the information you send remains private."

Facebook's new security feature comes at a price for both customers and users, according to Rice, which may explain why Facebook had not deployed the feature earlier.

"Some Facebook features, including many third-party applications, are not currently supported in HTTPS. We'll be working hard to resolve these remaining issues," said Rice.

Another cost to users was that encrypted pages may take longer to load. "You may notice that Facebook is slower using HTTPS," Rice warned.

Facebook's opt-in strategy appears to have been aimed at harm-minimisation for its apps customers, with the feature requiring activation via Facebook's Account Settings page.

The new security feature follows concerns raised over Facebook's lack of HTTPS after session hijacking tool Firesheep was released last year. The tool exploited security gaps available when users accessed Facebook from public WiFi hotspots.

Rice recommended users consider enabling the option if they regularly accessed Facebook from, for example, at libraries or coffee shops.

The new feature would be available in the coming weeks while a default encrypted session may be on the cards, according to Rice.

"We hope to offer HTTPS as a default whenever you are using Facebook sometime in the future," he said.

Copyright © iTnews.com.au . All rights reserved.


Facebook offers HTTPS encryption
 
 
 
Top Stories
ATO releases long-awaited Bitcoin guidance
Everyday investors escape the tax man.
 
Why the Weather Bureau’s new supercomputer is a 'gamechanger'
IT transformation starts to reap results.
 
Sydney Trains chief thinks beyond Opal
Plots app to help you find a seat on the train.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  66%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  12%
 
Denial of service attacks
  7%
 
Insider threats
  12%
TOTAL VOTES: 414

Vote