Facebook enables https per default to all users

Finally, after two years from the first release of the feature and hoping that the users will switch to https, Facebook enforces now https to all users by default. This feature means that your browser is told to communicate with Facebook using a secure connection, as indicated by the “https” rather than “http” in https://www.facebook.com.

facebook

 

This uses Transport Layer Security (TLS), formerly known as Secure Sockets Layer (SSL), and makes the communication between your browser and Facebook servers more secure.

According to Facebook, more than a third of users had enabled the feature following its introduction. The option could not be activated for all users from the beginning because of technical difficulties. For example, enabling TLS will basically double the time of downloading the content from the website. In order for the redirect to work for most users, Facebook had to tweak a lot of things which can be seen in the original post.

For the normal user, this means more security with a minimal cost of slowing down a bit the browsing. TLS/SSL prevents man-in-the middle attacks which could steal login cookies and pretend to communicate with Facebook as the user.

The best part is that no user has to do anything.

 

Sorin Mustaca

IT Security Expert

 

via Avira – TechBlog http://techblog.avira.com/2013/08/02/facebook-enables-https-per-default-to-all-users/en/


© Copyright 2013 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity

Check www.mustaca.com for the IT Consulting services I offer.
Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie http://de.itsecuritynews.info für IT Sicherheits News auf Deutsch

About the Author

Sorin Mustaca

Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since year 2000 in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is an independent IT Security Consultant focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .

Comments are closed.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close