Security is a topic near and dear to my heart. Most of the year leading up to launch was spent making a PCI-compliant, super-redundant, ultra-secure financial transaction layer. And can you even imagine how hard it is to train lions to fight with lightsabers at anything more than the most rudimentary level? When the blogosphere got all atwitter because Twitter *finally* made a “default HTTPS” option, I was baffled. And now to see TechCrunch lauding FourSquare for making a:
solid move. And not the easiest one to make. One of the main reasons that every site/service doesn’t turn it on is a simple one: it means a performance hit.
What?! This isn’t exactly genius stuff. Quite the opposite: it’s a long-delayed fix to a glaring security hole. It’s an embarrassment. We’ve been doing this from the very first day, even before it was cool. Scratch that — it was never cool, it was just obvious. It makes me wonder: what are these guys still missing?