Facebook and Twitter fail basic security test http://news.yahoo.com/s/digitaltrend...icsecuritytest
Riding off of the coattails of the FireSheep Firefox exploit, Digital
Society has studied the basic security functions of 11 popular
websites and given them grades. The results are not stellar for most,
especially social networking sites Twitter and Facebook, which both
received failing grades.
.... snip ...
Long ago and far away we were called in to consult with small
client/server startup that wanted to do payment transactions on their
server; they had also invented this technology called "SSL" they wanted
to use; the result is now frequently called "electronic commerce". Part
of the effort was study regarding security requirements for SSL
deployment and use. Almost immediately the security requirements were
violated because webservers found SSL cut their thruput 90-95%, dropping
back to just using it for paying/checkout
virtualization experience starting Jan1968, online at home since Mar1970