Wikimedia hits back at NSA surveillance by turning on the ‘secure’ switch for all logged-in users

Wikimedia has responded to the latest leak regarding NSA’s XKeyscore programme - which suggested the government agency was actively looking at what people read on Wikipedia - by turning on the ‘secure’ switch for all users. When looking at a website URL, the S in HTTPS stands for Secure. Thus, with HTTPS agencies, like the NSA, or internet service providers cannot read the content of data that a website and its users exchange unless they break it with encryption. From August 21, Wikimedia will eventually makes this standard on its site for all browsing users who are logged-in. The move has apparently been in the works for some time, but the company said in an announcement: “Since we appear to be specifically targeted by XKeyscore, we’ll be speeding up these efforts.”The move to make HTTPS default for users will, however, come in stages: “Our current architecture cannot handle HTTPS by default, but we've been incrementally making changes to make it possible. Since we appear to be specifically targeted by XKeyscore, we'll be speeding up these efforts," Wikimedia said on its website. From the set date in August it will redirect to HTTPS for log-in, and keep logged-in users on HTTPS and from there will expand the HTTPS infrastructure and eventually consider enabling HTTP Strict Transport Security (HSTS) to protect against SSL-stripping man-in-the-middle attacks. Full details of its plan can be read on the Wikimedia website.

Join us, it's free.

Become a member to get access to:

  • Exclusive Content
  • Daily and specialised newsletters
  • Research and analysis

Join us, it’s free.

Want to read this article and others just like it? All you need to do is become a member of The Drum. Basic membership is quick, free and you will be able to receive daily news updates.