A lot of you guys probably already know his, but Facebook is in the process of rolling out full SSL encryption for the whole session. At the moment, you can turn it on in your account settings already. In my experience, the connection reverts back to non-ssl when you keep the page open and it auto-refreshes, but when you actually refresh the page yourself or click on a link it goes back to SSL. Strange behaviour.
Edit: it seems the dropping SSL is caused by Opera, not by Facebook; and it does this on every SSL site! Big fail, Opera, big fail. Back to the bench as spare browser you go.
Here's some more info:
http://blog.facebook.com/blog.php?post=486790652130
Oh, and, off course, don't use facebook, 'cause it's evil. But it's just soo damn handy for stalking people ...
Edit: just in case some of you don't know it yet: Gmail offers this too, so turn it on!
Comments
Totse has SSL too. I don't use it because I am lazy but you should use it nonetheless.
Trying to keep in contact with about 100 people using methods such as text messaging or MSN is a pain in the ass, dude. I understand where you're coming from though, and if it was as easy as being able to delete it and still contact everyone, then I totally would.
In response to the OP, I've been using HTTPS with Facebook for about a month or two now, and it's served me well. To begin with, it did that dumb shit where it stopped using SSL after every link I clicked on, but something popped up one day after logging in and asked me if I wanted to use HTTPS all the time when using Facebook. I clicked on the yes button, and haven't had a problem since :thumbsup:
text messaging is a pain i have to admit but there is no way i would go back to using facebook
I also use SSL on Gmail, and when I had Twitter too. You can download an addon which forces the use of HTTPS on all sites which have it enabled, just in case you forget to enable it yourself. Pretty handy stuff.
Causes quite the shock when at the end of a conference you show the whole audience you can log into just about every one of the participants' email, facebook etc. account.
That's pretty cool, it's like the lazyman's way of sniffing a network Too bad it's not compatible with Firefox 4 yet I'll probably install this addon onto my Backtrack installation which uses a much older version of Firefox, so thanks for posting it :thumbsup:
(This is not directed at you amie, I am only responding to your comments)
What makes posting personal information or stories on totse any different? Do you think the feds aren't watching this site as well? For those who have posted pictures, and other personal information here or anywhere else for that matter, you're in the same boat...
Google finds everything (public anyway).
The worst part is that even if you've setup Facebook to use SSL, you'd still get caught by that thing on any sites with those awful Facebook plugins, if you stay logged in. There's a Firefox addon that will block all access to Facebook from anywhere but it's own site though.
Also, for the Gmail one, same thing for Google search (if you stay logged into Google) unless you use the SSL version of search too.
Is firesheep still working? I'm tempted to revert back to FF3.6 and give it a try.
That's the only reason I have a Facebook. I don't really like it, but I kinda need it
Thank you for sharing your expert opinion with us, DS who isn't DS anymore.
Don't know, haven't tested it recently, I guess it still does, though, as long as they don't start sending their cookies over SSL it should still work.
I didn't know that. But I never stay logged in while surfng anything else than facebook / gmail in the same browser, so I'm pretty much immune to that.
No shit Sherlock, its only SSL so it's not going to stop the feds from seeing what you're writing. However, it's much more SECURE than accessing Facebook (or any site) through a regular connection. If you're sitting in an internet cafe and you're logging into a website, would you rather use SSL or have no protection at all?
OP knows exactly what he's talking about, learn to read.
Found a cure for this one: private tabs in Opera. Edited to add: After some testing, this function does not seem to work properly yet. Sometimes a new private tab is truely private, sometimes it shares cookies with other private tabs.
Firefox really needs to support private tabs. And Opera needs to support SOCKS proxies. If they did that, the world would have two perfect browsers.
Explain yourself, because as far as I know, SSL offers slightly more protection than a standard HTTP connection, as it's harder to sniff and intercept. It's still fairly easy to capture HTTPS information but it's definitely harder than sniffing HTTP.
You have a point there. I think it's just a case of letting it slide a little, just because Facebook is an effective means of communication between your friends. That means that the seemingly "serious" privacy concern isn't that serious after all. If it was very serious though, I wouldn't hesitate to remove it.
Some may have the capability to control the content they put on fecesbook. But do your friends & family posses that same control? It's not like fecebook will infract or ban your mother for your baby photos on her page. You know what I mean?
The hatred for fecesbook isn't specifically targeted at you or any other user of the service. It's targeted at fecesbook in general.
I'd delete a post/thread if it contained non-consensual personal information concerning totse members. Would fecesbook?
Backdoor access for millions of Facebook and MySpace accounts
Edit to add: Not to mention marketers are given access to your personal information whether you like it or not.
Also FB used to have a master password that let employees access any account.
Would've been quicker if you just clicked account - Account Settings - Account Security. I turned on SSL from there. Good thread OP, I didn't even know Facebook had this. I just use it for keeping in touch with IRL friends and for stalking people. Beyond that Facebook is pretty useless.