HTTPS Option Expanded to the Full Facebook Experience (Updated)
BY Nancy Scola | Wednesday, January 26 2011
Facebook announced earlier today that the company is enabling the HTTPS protocol site-wide as an option for interested users, and the Washington Post's Rob Pegoraro has some additional details. You'll have to tweak your account settings if you want to go the secure route, and why might you want to? HTTPS makes your web traffic harder to monitor, and so here Facebook is giving users a more protected way of engaging with the site (though it's worth pointing out that making it an option, rather than the default, only goes so far in making HTTPS the standard operating stand of the web). And as we've noted in reporting on Access's on-going campaign called "Demand HTTPS," that's all well and good if you're logging on from say, New York or San Francisco, but it's something that might prove particularly useful if you're an activist planning a street protest in Tunisia or sustaining a resistance movement in Egypt.
Image via AccessAdded:Access's Brett Solomon fleshes out why Facebook's opting for the opt-in HTTPS route might advance security only part of the way."We're obviously pleased to see that Facebook has taken this step," said Solomon when I reached him by phone this afternoon, and he went on to praise the move.
"Having said that," he added, "Facebook should quickly move to make HTTPS by default with an opt-out instead of an opt-in. The time is now for HTTPS to be implemented by default, the reason being that there's a massive education campaign that would have to be done to alert the people at risk. And the people who are probably most at risk would be those least likely to know that HTTPS is an option for them." Solomon cited the limited reach of the tech press and Facebook's quiet roll-out of the new choice.
"If you're seeing your friends getting arrested, the chance that you're going to go and tweak your account settings [to switch to HTTPS] is an unlikely one."