Twitter Adds Always Secure Option
Twitter has joined Facebook in adding a profile configuration to always use a secured HTTPS connection for routine tweeting and reading after you log in to the company’s Web site; the login was already secure. Using HTTPS protects you against sidejacking in a public location where someone with Firesheep or other software could hijack your identity by sniffing a Twitter token without needing to know your account name and password. Log in, click your name at the upper right, select Settings, and scroll down to enable the option.
But do Twitter.app on Mac OS X & iOS honor this setting? I believe they used insecure HTTP when FireSheep was announced and I checked...
It's apparently first for the Web site. Some Twitter-made clients don't have this yet. Many third-party clients offer an option.
Now they've been offline for 4 hours because of screwing up the impementation of this "security feature"! What a mess!