[seanr]

Maps and other apps on the iPhone weren't using HTTPS in 08 (underpowered device, need to squeeze every last drop from battery). They do now however. It's not just a spy agency issue, anyone could have sniffed the unencrypted traffic.

[streetnigga]

(underpowered device, need to squeeze every last drop from battery)

Really now? Is that the official reasoning for not using HTTPS?

[TeMPOraL]

Well, this is the most common argument before Snowdengate I heard against using HTTPS anywhere, not only on mobile devices.

[seanr]

Back then it was.

[streetnigga]

I just don't recall anything official regarding that line of thought. Direct PR or otherwise. Is there any examples off the top of your head?

[judk]

"HTTPS is expensive" has been a widespread (stupid) meme since the invention of HTTPS. How old are you?

[streetnigga]

Old enough to know a non-answer when I see one.

Again I ask: Any specific examples from companies or organizations that implement HTTP(S) in their products stating device power as reason for non-implementation?

[themartorana]

I imagine it to be a horrible miscarriage of trust to not use HTTPS. We made the decision early on that handling any personal data not over HTTPS was massively irresponsible - and this is pre-Snowden.

That said, if they have kernel-level hacks or can intercept and decode HTTPS (or sit and listen on say, any AWS server they want), what does HTTPS really matter against the NSA?

Still, totally irresponsible - battery life is a constant struggle, but not enough to even make us consider changing our API client code.