2.25.2011

Facebook HTTP vs HTTPS: The Whole Truth

When on Facebook, have you seen a recent, recurring post that advises you to check whether your URL bar says "HTTP:" or "HTTPS:", and warns that if you only see "HTTP" you can be "hacked"?


While this is partly true, it is also a bit misleading, so we researched some resources, including the venerable hoax busting site Snopes, and here is the whole story.


First, know that HTTP is shorthand for the "language" that is used between web servers and clients, and anyone who wants to could "eavesdrop" and read that language. HTTPS means that the language is "Secure": the HTTP conversation is encrypted so that others cannot read it.


So, what does this mean on Facebook? According to our sources, HTTPS is going to be most useful if you are on a shared Wi-Fi network, such as a cafe with Internet connectivity, where there is a technique that can allow nefarious people to hijack session cookies and gain access to your account. HTTPS will prevent them from doing this.


But here is the rest of the story: changing the security setting to HTTPS does not make you immune from all Facebook security threats. Hoax-spotting site ThatsNonsense.com recommends not reposting the message in order to avoid lulling friends into a false sense of security.


What does Simple recommend?

  1. Be on the safe side and go ahead and change the setting to HTTPS.
  2. If you want, tell your friends about HTTP vs HTTPS, but be sure to also mention it won't protect them from all Facebook security issues.
  3. Be aware of posts that may or may not be hoaxes and check them out yourself before reposting or acting on the message. Snopes.com, ThatsNonsense.com, and the Facebook group Hoax-Slayer are good resources for hoax checking.