Facebook insecure by design

Jeroen Massar jeroen at unfix.org
Sun Oct 23 18:11:47 UTC 2011

[hmmm this subject is not really ops now is it...]

On 2011-10-23 19:43 , steve pirk [egrep] wrote:
> Just about everything on Google pages is https these days, even search if
> you enable it.

(or just use https://encrypted.google.com which is available for quite
some time already)

> If anybody on this thread uses gmail com a you really ought to take a look
> at google plus. Compare the way user privacy is the primary objective,
> versus the share everything by default of facebook.

Since when is encrypting a transport (in this case using TLS/SSL) 'user
privacy' ?

The only thing it is protecting is intermediate networks sniffing or
even modifying the traffic and more importantly for the company who gets
all your private information: their revenue stream when they sell that data.

And really, giving all your private emails to a company that explicitly
reads them (even if it is 'automated') to advertise to you and then
mentioning 'user privacy' is just ridiculous ;)


More information about the NANOG mailing list