View Feed
group-icon
Hacking and Computer Security
Community for every ethical hacker and computer security enthusiast to discuss latest and the best concepts and ideas.
439 Members
Join this group to post and comment.
Ankita Katdare
Ankita Katdare • Nov 23, 2013

Twitter Makes Encryption More Secure; Says, "You Will Not Put A Finger On My Users"

Twitter, the leading social interaction platform, has officially announced that it has made its encryption system more secure and has thus safeguarded all the Twitter users from snooping attacks. Just like Google and Facebook, Twitter has added an extra layer of security by introducing "Perfect Forward Secrecy" to protect data the data that its users share from spying or prying people and systems. Almost an year ago, Twitter was first served completely over HTTPS. By making available the advanced security features such as confidentiality and integrity that are the properties of HTTPS (Hyper Text Transfer Protocol Secure), Twitter has made sure that if someone steals Twitter's private keys by recording the users' encrypted traffic, they will not be able to decrypt it at all.

In order to support forward secrecy, Twitter has enabled the EC (Elliptic Curve) Diffie-Hellman ECDHE cipher suites. Moreover, the company uses TLS session tickets to allow clients to reconnect quickly using an abbreviated handshake if they still have a session ticket from a recent connection. With this they seem to have achieved efficiency in CPU savings and thus saved one network round-trip, commonly around 150ms and often much more on mobile networks. Twitter has brought for its users HTTP Strict Transport Security, secure cookies, certificate pinning, and Forward Secrecy and are advocating that the security gains have never been more important to implement.

Twitter-security

Privacy protection has become a leading issue for all Internet business owners all over the world. Especially after Former NSA contractor Edward Snowden revealed US surveillance on a global scale, all the Internet tech giants have been showing their users how much they value the user's data security. According to a blog post they published, the non-profit Electronic Frontier Foundation is among online rights champions who advocate for this kind of added protection on personal Internet traffic. What Twitter believes in is that this new technology should become a norm for web service owners and therefore should be rapidly owned and acknowledged by everyone.

The online industry is definitely headed in a right direction. We would love to hear your thoughts on Twitter's security enforcements and plans. So speak up in the comments.

Share this content on your social channels -