Facebook recently enabled the to ability to "Browse Facebook on a secure connection (https) whenever possible" - http://blog.facebook.com/blog.php?post=486790652130
Yeah it took them a long while. And it definitely should be on https by default. Same applies to Twitter (which will work in https if you browse to it with the https url). That said, it also took Google a little while to roll out https as default for their gmail email service. I still remember when I first signed up for gmail and https was not enabled by default (it may/may not have been an option in those early days). Just found a blog post by Google about the change-over: http://gmailblog.blogspot.com/2010/01/default-https-access-for-gmail.html On 6 March 2011 18:10, David Connors <da...@codify.com> wrote: > On 4 March 2011 16:59, Samuel Lai <samuel....@gmail.com> wrote: > >> Some hope that HTTPS will do to HTTP what SSH did to telnet. Digital >> certificate infrastructure is still a bit of a mess though. >> > > Not really. The main problem is people running online businesses/social > media sites etc who think that $100 for a cert is a lot of money. > > Eg Facebook was just valued at $75bln. I think they can afford a few certs > and a crypto accelerator on their load balancers - they don't do it because > they're frickin retards. There is no other excuse. > > If you're going overseas and want secure access to stuff, get a VPS located > at a place you trust and do it over RDP over SSL or VPN back into a trusted > network and use that VPN connection as your default gateway. > > -- > *David Connors* | da...@codify.com | www.codify.com > Software Engineer > Codify Pty Ltd > Phone: +61 (7) 3210 6268 | Facsimile: +61 (7) 3210 6269 | Mobile: +61 417 > 189 363 > V-Card: https://www.codify.com/cards/davidconnors > Address Info: https://www.codify.com/contact > >
