The news in recent months about the espionage of communications and user data on different Internet services by the NSA have not left any technology company indifferent, where many of them have taken measures to strengthen security. and the privacy of the data of its users to avoid, as far as possible, new acts of espionage.
In this sense, this Friday it is Twitter that has announced the adoption of a more secure protocol known as Perfect Forward Secrecy, which is located at the top of the standard HTTPS encryption, in which, unlike traditional HTTPS, as explained Twitter in its own advertisement, the client and the server manage a shared random session key without having to send it over the network, even under encryption. In traditional HTTPS, the client generates a random session key, the encryption using the public key of the server, and it is sent through the network, so that whoever owns the private key and some registered traffic can decrypt the password. session and you can use it to decrypt the entire session.
The announcement itself adds more information about reinforcing the security of the service, including the adoption of new technical measures applied to its own, more complex servers, in order to guarantee said security.
Twitter believes that the measure they have taken should be the new normal for web service owners, encouraging webmasters to apply HTTPS by default in their spaces, and if they have already done so, harden it with strict transportation security. HTTP, secure cookies, setting certificates and Perfect Forward Secrecy. Users are encouraged to demand that the services they use have HTTPS to protect their privacy and that they have updated web browsers themselves.