Forgot your password?
typodupeerror
Privacy Security Social Networks Twitter Wireless Networking Your Rights Online

Twitter Joins the HTTPS By Default Party 95

Posted by CmdrTaco
from the encrypted-packets-are-better dept.
wiredmikey writes "Following a trend in allowing users to automatically utilize the secure HTTPS protocol when accessing Web based services, Twitter announced this week that it has added the option for users to force HTTPS connections by default when accessing Twitter.com. The reasons to utilize HTTPS when accessing any personal accounts aren't new, but an easy to use extension for FireFox called 'FireSheep,' released in October 2010, spiked concern, as it enables HTTP session hijacking for the masses."
This discussion has been archived. No new comments can be posted.

Twitter Joins the HTTPS By Default Party

Comments Filter:
  • Re:Bad idea! (Score:4, Insightful)

    by CastrTroy (595695) on Wednesday March 16, 2011 @10:01AM (#35503374) Homepage

    Twitter isn't carrying important personal data

    Tell that to the people in Libya, China, North Korea (do they have internet?) and other places around the world where the government isn't so easy on people who oppose the regime.

  • by shish (588640) on Wednesday March 16, 2011 @10:31AM (#35503670) Homepage

    Speaking as someone in exactly the situation you describe -- running our current site on a small single-core VPS, over HTTP we can serve ~400 static files per second, limited by bandwidth. Using HTTPS, we can serve 10 static files per second, limited by CPU speed. For dynamic pages, the limits are more like 50/sec (limited by CPU) and 5/sec (limited by CPU -- page load times go up a lot as the database and processing are competing with the encryption)

    Current plan to deal with this, because we want to be HTTPS by default, is to offload static files to an HTTPS-enabled CDN, and have a front-end reverse proxy or several dedicated to SSL processing -- unless anyone has any better ideas?

Your fault -- core dumped

Working...