Facebook insecure by design
jeroen at unfix.org
Sun Oct 23 13:11:47 CDT 2011
[hmmm this subject is not really ops now is it...]
On 2011-10-23 19:43 , steve pirk [egrep] wrote:
> Just about everything on Google pages is https these days, even search if
> you enable it.
(or just use https://encrypted.google.com which is available for quite
some time already)
> If anybody on this thread uses gmail com a you really ought to take a look
> at google plus. Compare the way user privacy is the primary objective,
> versus the share everything by default of facebook.
Since when is encrypting a transport (in this case using TLS/SSL) 'user
The only thing it is protecting is intermediate networks sniffing or
even modifying the traffic and more importantly for the company who gets
all your private information: their revenue stream when they sell that data.
And really, giving all your private emails to a company that explicitly
reads them (even if it is 'automated') to advertise to you and then
mentioning 'user privacy' is just ridiculous ;)
More information about the NANOG