by eeniac 2343 days ago
Common security wasn't respected at Vkontakte either. The social network was serving a plain HTTP login form and internal communication unencrypted until 2013[0].

I reminisce that when Durov was questioned about the absence of a secure connection to the servers, he said it's too much overhead and may impact QoS badly.

At some point they rolled out an `always use https` option and buried it deep in the user preferences. Meaning most of the non-tech-savvy audience kept using the service unaware they were not secure.

The obvious pattern here is they tend to use plain HTTP as a default transport, undermining established security practices.

[0] https://translate.google.com/translate?sl=auto&tl=en&u=https...