Wikimedia hits back at NSA surveillance by turning on the ‘secure’ switch for all logged-in users
Wikimedia has responded to the latest leak regarding NSA’s XKeyscore programme - which suggested the government agency was actively looking at what people read on Wikipedia - by turning on the ‘secure’ switch for all users. When looking at a website URL, the S in HTTPS stands for Secure. Thus, with HTTPS agencies, like the NSA, or internet service providers cannot read the content of data that a website and its users exchange unless they break it with encryption. From August 21, Wikimedia will eventually makes this standard on its site for all browsing users who are logged-in. The move has apparently been in the works for some time, but the company said in an announcement: “Since we appear to be specifically targeted by XKeyscore, we’ll be speeding up these efforts.”The move to make HTTPS default for users will, however, come in stages: “Our current architecture cannot handle HTTPS by default, but we've been incrementally making changes to make it possible. Since we appear to be specifically targeted by XKeyscore, we'll be speeding up these efforts," Wikimedia said on its website. From the set date in August it will redirect to HTTPS for log-in, and keep logged-in users on HTTPS and from there will expand the HTTPS infrastructure and eventually consider enabling HTTP Strict Transport Security (HSTS) to protect against SSL-stripping man-in-the-middle attacks. Full details of its plan can be read on the Wikimedia website.
I challenge the rest of the industry to join us. Encryption is a human rights issue. http://t.co/aCuJFJzc27
— Jimmy Wales (@jimmy_wales) August 2, 2013