All Twitter Apps Must Deploy SSL/TLS

[Reefa]

As of yesterday, Twitter’s application programming interface (API) will only recognize traffic traveling via Transport Layer Security (TLS) or Secure Sockets Layer (SSL). Any applications connecting to the API in plaintext will no longer work.

There is a vast selection of third-party Twitter applications such as Hootsuite and Tweetdeck available to Twitter users, and these apps draw information from Twitter through the service’s API. From Jan. 14 onward, Twitter is forcing developers to connect to its API over an encrypted HTTPS connection.

Developers of existing apps that connect to the API over HTTP will need to change upgrade their apps to HTTPS or they will stop functioning.

The move will improve the security and privacy of Twitter users who opt to connect to the micro-blogging service through a third party application rather than Twitter’s official Web interface.

“Connecting to the API using the SSL protocol builds a safe communication channel between our servers and your application, meaning that no sensitive data can be accessed or tampered by unauthorized agents in the middle of this communication path,” the company wrote on a developers forum back in mid-December.

Source