Facebook finally moves to HTPPS


In an effort to protect its users from malicious external links, Facebook has upgraded its link infrastructure by adding HSTS preloading to automatically convert insecure HTTP links to HTTPS when possible. 

As the social network's monthly users have grown to almost 2.13bn during Q4 2017, the company now has an even greater responsibility to keep visitors to its site safe.

By ensuring that a majority of the links users visit on either Facebook or Instagram use the more secure HTTPS, Facebook can help protect them from being exposed to unwanted snooping, surveillance and even Man-in-The-Middle attacks. 

Software engineer at Facebook's Data Privacy team, Jon Millican explained the reasoning behind the recent changes to how the social network handles external links in a blog post, saying: 

“We have recently upgraded our link security infrastructure to include HSTS preloading, which automatically upgrades HTTP links to HTTPS for eligible websites. This will improve people's security and will also often improve the speed of navigation to sites from Facebook.” 

In order to determine which sites can be upgraded to HTPPS, Facebook uses the popular and regularly upaded Chromium preload list as well as information gathered from its own platform. 

Google recently announced that sites using HTTP would be listed as insecure in the next version of Chrome and with Facebook joining the effort we may see a much more secure Internet sooner than previously thought. 

Image Credit: Alexey Boldin / Shutterstock