One of the truisms in life is that no matter what you do, you aren’t going to make everyone happy — even when you are providing improved security for a site that is known for its security and privacy flaws.
Right before I closed up shop for Thanksgiving, I heard that Facebook was making a major security shift. It was now going to make its HTTPS connection the default. The more secure option has been available for a little while now, but it wasn’t the default. The user had to make the effort to make the switch — and anyone who uses Facebook knows, switching to the site’s top privacy and security settings has never been a simple task. But as InformationWeek pointed out:
Using HTTPS helps secure all communications between browsers and Facebook's servers. It is typically signified from inside a browser by the presence of a lock icon or a green SSL address bar when viewing a Facebook page. While HTTPS will become the new default, Facebook will still offer "an opt-out for the crazies," said Ivan Ristic, director of engineering at Qualys, via Twitter.
I see the new default as a good thing. It adds an extra security layer in the enterprise (and personal) space. The employees who use BYOD and aren’t always careful with their Facebook use will now have that extra bit of security if they hadn’t already opted in.
However, many of the headlines I’ve seen about the Facebook change don’t focus on the fact that Facebook is making security easier for users. Instead, I saw headlines like this one at Tech Crunch: “Facebook Could Slow Down A Tiny Bit As It Starts Switching All Users To Secure HTTPS Connections.”
Really? That’s the concern? A little more security might slow down your computer a tiny bit? The article even pointed out that speed was the reason that Facebook delayed rolling out the more secure setting in the first place. However, the Tech Crunch piece went on to say:
But protecting people who use the default settings is why this is an admirable decision by Facebook. Its priority is security. It might not be as sexy as blazing speed, but a hacked user is an unhappy user. Lots of people access Facebook from public wi-fi and public computers. Persistent HTTPS makes sure they’re not getting snooped on.
Speedy computing is great, but in today’s Internet landscape, security has to be the top priority. If that means your computer is a tiny bit slower, so be it. It sure beats the alternative.