WTF: Apple .Mac webmail isnt secure? August 28
I was trying to explain security differences between webmail pages in a discussion with colleagues recently.
I set up a trial .mac mail account and used my existing gmail account for comparison.
I was shocked to discover that the .mac webmail login page isnt even a secure page (https://). The web address is http://www.mac.com/WebObjects/Webmail.woa/689.
Now if you change http:// to https:// it redirects back to the http://. This is confusing because the .mac security policy clearly says “When you log in, .Mac uses industry-standard SSL encryption to protect the confidentiality of your member name and password.”