back to article Twitter finally grabs wheel, drives all twits into HTTPS

Twitter has finally bedded down secure browsing on its site for all users after previously offering HTTPS as an optional feature. In March last year it debuted the opt-in setting that enabled Secure Sockets Layer encryption, but explained at the time that the option would not be switched on by default. The secure-browsing …

COMMENTS

This topic is closed for new posts.
Silver badge
Thumb Up

Well, hell... finally...

After reading all the accounts of hacks and hijacks on The Reg, one of the first things I did when I got on Twitter was to choose the https option.

0
0

HTTPS is NOT secure in cafe's

There are linux live distros out there designed to act as a "dirty" hotspot!

Park near a cafe with van and decent antennae - swampout cafe's wifi and

snap up customers, fudge DNS and provide one or two CA's and CERT servers

and hey presto all HTTPS traffic is MITM readable. This sort of stuff

is old hat and so very very noddy.

This is done at almost every sec conf - with the muppets who use these services

getting hit by various pranks.

A VPN home and route traffic through a secured tunnel is the only safe option.

FYI I dont even trust my ISP's DNS after some of the dirty tricks they have tried on

in the past N years - never mind a coffee shops offerings.

0
2
Anonymous Coward

> presto all HTTPS traffic is MITM readable.

That's not how SSL works. To perform a MITM attack without a browser exploit, and without warning or redirecting the user, the attacker would need an SSL cert for the targeted site, and the SSL cert would need to be signed by a trusted CA. There have been CAs that get compromised, so there are fake certs floating around, but it's not common. So no, this doesn't happen very often.

1
0
Anonymous Coward

Re: HTTPS is NOT secure in cafe's

Jacqui - clearly you don't understand how HTTPS works -.-'

0
0
Bronze badge
Coat

FINALLY!

God forbid any of that mindless drivel get intercepted by anyone. Now the world can be a safer place to tweet, for all the twits using it.

1
0
Anonymous Coward

Hooray

I'm pooping. Securely.

1
0
Anonymous Coward

Securapoop

Are ya wearing lead lined Depends?

0
0
This topic is closed for new posts.

Forums