Given the extreme hyper-focus on session theft through packet capture and replay (ahem, FireSheep!) in sites like Twitter and FaceBook, it's interesting to see how difficult it is (or if its even possible) to enable HTTPS throughout a popular, high-traffic site that we use every day. I was hoping to be pleasantly surprised that the "big 3" (Microsoft Live Hotmail, Yahoo Webmail, and Google GMail) had implemented (or at least had published easy-to-do instructions for) HTTPS encryption throughout the site ...not just at the landing or login page.
Since Google's GMail enabled HTTPS throughout the site a while back (January 2010), I wondered if Microsoft and Yahoo had followed suit. I remember that Google had made a big deal about enabling HTTPS throughout their webmail site, but that was a while ago and surely the other of the big 3 had followed suit. Right?
............................................................................................
Site Admin / Security Administrator
Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
Since Google's GMail enabled HTTPS throughout the site a while back (January 2010), I wondered if Microsoft and Yahoo had followed suit. I remember that Google had made a big deal about enabling HTTPS throughout their webmail site, but that was a while ago and surely the other of the big 3 had followed suit. Right?
Site Admin / Security Administrator
Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.