Facebook Goes HTTPS
This week, Facebook announced HTTPS support for all communication between its servers and end users’ web browsers. This is the right thing for Facebook to do in light of recent proof that session hijacking of Web 2.0 applications is both easy and increasingly common with tools like Firesheep. While HTTPS is not yet on by default (users have to specify HTTPS in the Facebook URL), that is the stated intention. Note that Gmail went to default HTTPS a year ago.
Both of these moves highlight an important trend – applications will increasingly use encryption for privacy and security reasons. Meaning that enterprises seeking to identify and control which applications run on their networks (are there any that DON’T want to, given the use of applications as a threat vector?) will have an increasingly difficult time absent the ability to decrypt outbound SSL.
…Continue reading
posted by: Chris King on January 13, 2011 5:39 PM
filed in: Application Advisory/Analysis, Application Advisory/Analysis
Personal Digital Content Access Anywhere and Everywhere
In our content updates over the last two weeks, we included App-IDs for 8 new applications – 3 of which are very interesting to me, as evidence for the continued movement towards browser-based filesharing, and another as proof of the increasingly common user expectation that personal digital content should be available everywhere – including at the office.
