Facebook rolls out always-on HTTPS by default
Posted on 19 November 2012.
Bookmark and Share
After expanding secure browsing from the login process to the entire site in January 2011, Facebook is finally rolling out HTTPS by default for all users - not just the ones who opted for it.

The social network has understandably gone relatively slow through these changes as, initially, the loading of the pages went more slowly with HTTPS on, and some features as well as third-party applications were not working because they were not supported in HTTPS.

Users who, at the time, did opt in for full HTTPS throughout the site had their connection automatically downgraded to HTTP every time they allowed it in order to use an application that did not support HTTPS. After a while, it was discovered that the switch would also automatically deselect the secure browsing option - a glitch that may or may not have been intentional.

Almost two years have passed since then, and Facebook must have finally concluded that always-on HTTPS will not lead to a decrease of the social network's quality of service, as they have (rather quietly) announced last week the roll out of HTTPS for all North America users, with the rest of the world to follow shortly.

Of course, anyone can still opt into the feature anytime by visiting their account's Security Settings and ticking off the Secure Browsing option. For those who have already done that, this latest Facebook's decision won't present a change at all.


Identifying security innovation strategies

Posted on 14 April 2014.  |  Tom Quillin is the Director of Cyber Security Technology and Initiatives at Intel Corporation. In this interview he talks about security innovation, current and future threats.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Tue, Apr 15th