Friday, October 08, 2004

On security of stuff being passed around while signing up, logging in, etc.

Nowadays, there are more and more sites and services coming up that offer a lot of fabulous (in each and everyone's opinion) things for free. Stuff like Blogger, Orkut, Flickr, FeedBurner, ...

However, AFAIK, none of these sites use HTTPS or other forms of secure communication while doing a sign-up or logging into their site. Understandably, they aren't passing around the password in plain text, but I'd be much more happier to see HTTPS for a start.

The issue becomes slightly compounded because I'm responsible for what I'm (supposedly) putting up on such sites and if the access is not secure, how can one say with certainty.

I've written at Evan William's about this security issue. Let's see if he has some insight to offer.

Update: (14-Oct-2004) : Here's my comments (in an open thread) on Dan Gillmor's eJournal regarding this issue.

No comments: