Here's good news for Twitter addicts: the micro-blogging service has kicked security up a notch by enabling secure HTTP (https) by default.
In an earlier blog post, Twitter said it had offered HTTPS as an option in accessing witter on the Web last year, though not yet by default.
"This setting makes your Twitter experience more secure by protecting your information, and it’s especially helpful if you use Twitter over an unsecured Internet connection like a public wi-fi network," it noted.
Now, HTTPS will be on by default for all users, whenever one signs in to Twitter.com.
But Twitter said those who still prefer not use HTTPS can turn it off via the Account Settings page.
"HTTPS is one of the best ways to keep your account safe and it will only get better as we continue to improve HTTPS support on our web and mobile clients," it said.
Computer secuity firm Sophos lauded Twitter for the move, saying it will help protect the privacy of millions of users.
A Sophos blog post warned not having HTTPS enabled risks allowing a hacker could sniff one's session cookie - "and pretend to be you."
"That means they can post tweets as you or read your private direct messages. And you don't want that," it said.
Sophos noted Twitter first announced that it was planning to roll out HTTPS by default last August, "so it's great to see the process finally completed."
But Sophos also noted Facebook has yet to turn on HTTPS and SSL by default, "it is still disabled by default and even when enabled only claims it will be used 'when possible.'" — TJD, GMA News
There are no comments yet