Industry News

Facebook Moves to HTTPS over Wi-Fi, Starting in North America

Open Wireless Movement Encourages Sharing Your Wi-Fi

Facebook announced on its Developer Blog that North Americans will start using HTTPS over Wi-Fi networks to better protect authentication cookies from being spoofed and used by cyber-crooks.

Encrypting cookies for the duration of the logged in session is thought of as a secure way of communicating between users and Facebook’s servers, and experts suggest that more service providers should adopt this change.

Facebook Moves to HTTPS over Wi-Fi, Starting in North America

Although Google adhered to HTTPS in December 2010 and Twitter in February, Facebook’s implementation required more planning as third-party developers such as game developer Zynga offer services through the social network.

Using HTTPS ensures that vulnerabilities in the way Facebook cookies are handled cannot be sniffed over Wi-Fi and used to impersonate users. Security buffs praise the new approach and although Facebook said the change only affects North American users, the service will be launched on a global scale sometimes soon.

“As announced last year, we are moving to HTTPS for all users. This week, we’re starting to roll out HTTPS for all North America users and will be soon rolling out to the rest of the world,” said Facebook on their Developer Blog.

Because implementing HTTPS requires more server processing power for Facebook, experts believe the extra security measure is worth the time and investment. Facebook fans may also be less reluctant to use Wi-Fi networks as the risk of cookie hijacking dims.

About the author


Liviu Arsene is the proud owner of the secret to the fountain of never-ending energy. That's what's been helping him work his everything off as a passionate tech news editor for the past couple of years. He is the youngest and most restless member of the Bitdefender writer team and he covers mobile malware and security topics with fervor and a twist. His passions revolve around gadgets and technology, and he's always ready to write about what's hot and trendy out there in geek universe.

1 Comment

Click here to post a comment
  • With all due respect, I believe that the article is somewhat mis-titled.

    Unencrypted communications are a privacy risk. A Wi-Fi link in the connection chain merely increases the risk. The risk is still there on a wired network, as is the risk of their being a shared key or unencrypted network link in the chain between the browser and the server.

    The better title might have been: “Facebook adopts HTTPS to Guard User Privacy”. The involvement of Wi-Fi is secondary.