If so many sites fail to set a secure flag on a cookie, what can we realistically expect of CSP?https://twitter.com/mikewest/status/772709833460084736 …
-
-
Replying to @ivanristic
.
@ivanristic sadly the same can be said for all mechanisms. HSTS/HPKP are seeing equally low utilisation. People just don't know they exist.4 replies 0 retweets 2 likes -
Replying to @Scott_Helme @ivanristic
@mikewest Good stats but the numbers shouldn't be an indictment of the platform. Non-auth cookies w/o Secure are ok1 reply 0 retweets 0 likes -
Replying to @arturjanc @Scott_Helme and
If my non-authed news site moves to HTTPS but doesn't set Secure cookies I get 99% of the security value
1 reply 0 retweets 0 likes
Replying to @arturjanc @Scott_Helme and
A better metric is how many applications with *your* sensitive data use the new web security mechanisms.
3:05 AM - 5 Sep 2016
0 replies
0 retweets
1 like
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.