Far too many people still aren’t taking the Web security holes that Firefox exposed seriously. I can still sit in any coffee house and look over most users’ shoulders to see what they’re doing on the Web. Facebook to its credit though has taken the threat seriously and is now offering secure Internet connections using HTTPS to its users.
According to Alex Rice, a Facebook security engineer, “Starting today we’ll provide you with the ability to experience Facebook entirely over HTTPS. You should consider enabling this option if you frequently use Facebook from public Internet access points found at coffee shops, airports, libraries or schools. The option will exist as part of our advanced security features, which you can find in the ‘Account Security’ section of the Account Settings page.”
Rice adds, “There are a few things you should keep in mind before deciding to enable HTTPS. Encrypted pages take longer to load, so you may notice that Facebook is slower using HTTPS. In addition, some Facebook features, including many third-party applications, are not currently supported in HTTPS. We’ll be working hard to resolve these remaining issues. We are rolling this out slowly over the next few weeks, but you will be able to turn this feature on in your Account Settings soon. We hope to offer HTTPS as a default whenever you are using Facebook sometime in the future.”
That’s not quite true. Transport Layer Security (TLS) and Secure Sockets Layer (SSL) or TLS/SSL over HTTP (HTTPS) used to be cost a lot in terms of computer performance. Today, though, if you have a newer PC and you’re not running multiple applications running at once, you shouldn’t notice any significant performance penalty.