Twitter moves to default HTTPS

Powered by SC Magazine
 

HTTPS no longer an option.

Twitter will move user sessions to HTTPS by default.

The social networking site said users will be moved to HTTPS after the technology was introduced as an option earlier this year.

The news follows another recent announcement from Yahoo!in which it defended its lack of HTTPS for webmail.

“The Yahoo! Mail team is actively engaged in developing and testing more secure platforms for our users that keep performance top of mind. This is a complex and challenging area but Yahoo! is committed to ultimately bringing a solution to the marketplace.”

HTTPS, and SSL level encryption which the traffic is sent through, made headlines when the Mozilla Firefox extension Firesheep demonstrated the ease at which HTTP sessions could be hijacked.

That also made it possible for a third party to impersonate users by hijacking their sessions.

Qualys director of engineering Ivan Ristic said more websites should offer secure connectivity.

“Our research found that most sites fail to use SSL properly, which means that they are simply not secure. We are not even talking about getting everything right, most sites fail to get the basics right," he said.

“The only way to be secure is to have sites that have 100 percent SSL coverage, but such sites are still very rare.

“When Firesheep appeared, it showed how easy it actually was to hack non-SSL sessions and people responded to the threat. My conclusion is that developers, on average, are simply not aware of security issues and they need a highly public event to notice them.”

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, US edition


Twitter moves to default HTTPS
Tags
 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1786

Vote
Do you support the abolition of the Office of the Information Commissioner?