14 DAY TRIAL // After announcing a somewhat crippled HTTPS implementation a month ago, Facebook has made significant progress towards fixing the issues, like enabling the chat functionality.
Google is clearly pushing HTTPS into the mainstream by enabling it by default for services like Gmail, Docs, Calendar and more recently, Picasa Web Albums.
Facebook aims to implement default full-session HTTPS sometime in the future too, especially since the need for such protection was clearly outlined by the account hijackings in Tunisia.
During the protests that eventually lead to the ousting of former President Zine El Abidine Ben Ali, the Tunisian government used its control over the country's main Internet routers to inject password stealing code into the Facebook login page.
Had it been protected by SSL, this kind of tampering would have broken the HTTPS connection, which could have tipped off users that something bad is going on.
Facebook started its HTTPS push first by providing an option under Account Security to always enable such a connection automatically.
However, it warned that important functionality, such as using third-party applications or the Facebook Chat, was not available over HTTPS.
When trying to open an app users were asked to revert back to HTTP, which was not a temporary change as some people might have instinctively thought.
Nevertheless, it appears that Facebook has worked behind the scenes on improving its HTTPS implementation and it has some progress to show for it.
For one, Facebook Chat now works, which is a great plus for users willing to try HTTPS. The network is also working on making third-party apps available under HTTPS.
While it's no longer required to revert to HTTP in order to use them, the encryption is still broken because not all content is signed. The apps we tried also loaded very slowly.
Granted, Facebook's HTTPS offering is still not ready to be embraced by everyone, but it could protect people who often connect over open wireless networks, as long as they're ok with not using apps just yet.