Skip to main content

Facebook finally moves to HTPPS

(Image credit: Image Credit: Alexey Boldin / Shutterstock)

In an effort to protect its users from malicious external links, Facebook has upgraded its link infrastructure by adding HSTS preloading to automatically convert insecure HTTP links to HTTPS when possible. 

As the social network's monthly users have grown to almost 2.13bn during Q4 2017, the company now has an even greater responsibility to keep visitors to its site safe.

By ensuring that a majority of the links users visit on either Facebook or Instagram use the more secure HTTPS, Facebook can help protect them from being exposed to unwanted snooping, surveillance and even Man-in-The-Middle attacks. 

Software engineer at Facebook's Data Privacy team, Jon Millican explained the reasoning behind the recent changes to how the social network handles external links in a blog post, saying: 

“We have recently upgraded our link security infrastructure to include HSTS preloading, which automatically upgrades HTTP links to HTTPS for eligible websites. This will improve people's security and will also often improve the speed of navigation to sites from Facebook.” 

In order to determine which sites can be upgraded to HTPPS, Facebook uses the popular and regularly upaded Chromium preload list as well as information gathered from its own platform. 

Google recently announced that sites using HTTP would be listed as insecure in the next version of Chrome and with Facebook joining the effort we may see a much more secure Internet sooner than previously thought. 

Image Credit: Alexey Boldin / Shutterstock

After getting his start at ITProPortal and then working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches to how to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.