Tumblr Opts SSL

October 30, 2014 | By Editor 


Social networking website Tumblr has finally begun to catch up with modern security standards, like its contemporaries, by activating SSL in February this year. However, there is a catch: Users will have to manually enable SSL on Tumblr.

Tumblr Opts SSL

Tumblr Goes for SSL

  • Most of you are familiar that, Secure Sockets Layer, or SSL, allows for information being transmitted from the Tumblr server to a system to be encrypted. SSL reduces the likelihood of casual spying on people who visit websites with it enabled. Tumblr owners can now go into their Tumblr account settings dashboard and enable SSL manually.
  • Tumblr’s director of security, Conrad Rushing who wrote the blog announcing the new feature, said that there was no reason that Tumblr owners should refrain from enabling SSL. It will not change anything about the settings dashboard, it just encrypts the connection to it, he added.
  • Tumblr was lauded for giving its blog owners the choice to increase the privacy and security of both themselves and their visitors.
  • However a question still remains: Why didn’t Tumblr just enable the feature by default for all its connections? By enabling SSL for all website traffic, Tumblr would do its users and their visitors a considerable but privacy-centered favor. Though the Yahoo-owned website was appreciated by many security experts, most opined that the site did not go far enough.
  • According to Chris Wysapal, a security expert, the only reason to make it an opt-in was to save on computing resources at Yahoo. Is it possible to sell a car today with seat belts as an opt in? Probably, this might have been a possibility four decades ago but today it is not, he added.
  • To Troy Hunt, a security analyst and software architect, Tumblr’s move was less optimistic. He said that until SSL implementation is enabled for all users, it would not make much difference.
  • To begin with, giving users the option to turn on something they probably do not understand easily might help Tumblr test things with a minimum number of users. But it is very clear that SSL should be enabled default, if ¬†Tumblr wants to succeed in the long run.
  • Tumblr officials have informed that at some point the firm will turn on SSL by default for everybody, but it just needs time. The company will eventually enable the SSL feature by default for all of its users.
  • But to efficiently handle the immense Web traffic produced by such an effort, the social networking site is beginning first by giving its users the option to opt in.


<< Financial Institutions are in Most Need of Data Encryption EducationHow to Install SSL Certificate for a Website? >>

Posted in SSL

Be Sociable, Share!

Leave a Comment


* fields are mandatory