Re: [OT] Global Roaming data plans and WiFi hacking
Facebook recently enabled the to ability to "Browse Facebook on a secure connection (https) whenever possible" - http://blog.facebook.com/blog.php?post=486790652130 Yeah it took them a long while. And it definitely should be on https by default. Same applies to Twitter (which will work in https if you browse to it with the https url). That said, it also took Google a little while to roll out https as default for their gmail email service. I still remember when I first signed up for gmail and https was not enabled by default (it may/may not have been an option in those early days). Just found a blog post by Google about the change-over: http://gmailblog.blogspot.com/2010/01/default-https-access-for-gmail.html On 6 March 2011 18:10, David Connors wrote: > On 4 March 2011 16:59, Samuel Lai wrote: > >> Some hope that HTTPS will do to HTTP what SSH did to telnet. Digital >> certificate infrastructure is still a bit of a mess though. >> > > Not really. The main problem is people running online businesses/social > media sites etc who think that $100 for a cert is a lot of money. > > Eg Facebook was just valued at $75bln. I think they can afford a few certs > and a crypto accelerator on their load balancers - they don't do it because > they're frickin retards. There is no other excuse. > > If you're going overseas and want secure access to stuff, get a VPS located > at a place you trust and do it over RDP over SSL or VPN back into a trusted > network and use that VPN connection as your default gateway. > > -- > *David Connors* | da...@codify.com | www.codify.com > Software Engineer > Codify Pty Ltd > Phone: +61 (7) 3210 6268 | Facsimile: +61 (7) 3210 6269 | Mobile: +61 417 > 189 363 > V-Card: https://www.codify.com/cards/davidconnors > Address Info: https://www.codify.com/contact > >
Re: [OT] Global Roaming data plans and WiFi hacking
On Mon, Mar 7, 2011 at 12:50 PM, William Luu wrote: > Facebook recently enabled the to ability to "Browse Facebook on a secure > connection (https) whenever possible" - > http://blog.facebook.com/blog.php?post=486790652130 > > Yeah it took them a long while. And it definitely should be on https by > default. Same applies to Twitter (which will work in https if you browse to > it with the https url). > > That said, it also took Google a little while to roll out https as default > for their gmail email service. I still remember when I first signed up for > gmail and https was not enabled by default (it may/may not have been an > option in those early days). > > Just found a blog post by Google about the change-over: > http://gmailblog.blogspot.com/2010/01/default-https-access-for-gmail.html And it now has two factor authentication, which is worth turning on. > > > On 6 March 2011 18:10, David Connors wrote: >> >> On 4 March 2011 16:59, Samuel Lai wrote: >>> >>> Some hope that HTTPS will do to HTTP what SSH did to telnet. Digital >>> certificate infrastructure is still a bit of a mess though. >> >> Not really. The main problem is people running online businesses/social >> media sites etc who think that $100 for a cert is a lot of money. >> Eg Facebook was just valued at $75bln. I think they can afford a few certs >> and a crypto accelerator on their load balancers - they don't do it because >> they're frickin retards. There is no other excuse. >> If you're going overseas and want secure access to stuff, get a VPS >> located at a place you trust and do it over RDP over SSL or VPN back into a >> trusted network and use that VPN connection as your default gateway. >> -- >> David Connors | da...@codify.com | www.codify.com >> Software Engineer >> Codify Pty Ltd >> Phone: +61 (7) 3210 6268 | Facsimile: +61 (7) 3210 6269 | Mobile: +61 417 >> 189 363 >> V-Card: https://www.codify.com/cards/davidconnors >> Address Info: https://www.codify.com/contact >> > > -- Meski "Going to Starbucks for coffee is like going to prison for sex. Sure, you'll get it, but it's going to be rough" - Adam Hills
Re: [OT] Global Roaming data plans and WiFi hacking
On 7 March 2011 15:14, mike smith wrote: > On Mon, Mar 7, 2011 at 12:50 PM, William Luu wrote: > > > Just found a blog post by Google about the change-over: > > > http://gmailblog.blogspot.com/2010/01/default-https-access-for-gmail.html > > And it now has two factor authentication, which is worth turning on. > How?
Re: [OT] Global Roaming data plans and WiFi hacking
On Mon, Mar 7, 2011 at 3:46 PM, David Burstin wrote: > > > On 7 March 2011 15:14, mike smith wrote: >> >> On Mon, Mar 7, 2011 at 12:50 PM, William Luu wrote: >> >> > Just found a blog post by Google about the change-over: >> > >> > http://gmailblog.blogspot.com/2010/01/default-https-access-for-gmail.html >> >> And it now has two factor authentication, which is worth turning on. > > How? > > Click on settings at top RH corner, then 'Accounts and import' then 'other google account settings' Under security should be 'using two step verification' -- Meski "Going to Starbucks for coffee is like going to prison for sex. Sure, you'll get it, but it's going to be rough" - Adam Hills
