WebMail + HTTPS - How Difficult Can It Be?
Given the extreme hyper-focus on session theft through packet capture and replay (ahem, FireSheep!) in sites like Twitter and FaceBook, it's interesting to see how difficult it is (or if its even possible) to enable HTTPS throughout a popular, high-traffic site that we use every day. I was hoping to be pleasantly surprised that the "big 3" (Microsoft Live Hotmail, Yahoo Webmail, and Google GMail) had implemented (or at least had published easy-to-do instructions for) HTTPS encryption throughout the site ...not just at the landing or login page.
No comments:
Post a Comment