Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Privacy Security Wikipedia News

Wikimedia Foundation Enables HTTPS For All Projects 69

Posted by Soulskill from the secure-citation-needed dept.
An anonymous reader writes "The Wikimedia Foundation has enabled HTTPS for all of its projects (Wikipedia, Wikimedia Commons, etc.), to enable secure log-in and browsing privacy. Their blog post goes into detail about how the service is configured, linking to configuration files and implementation documentation. It also mentions that HTTPS Everywhere will have updated rules for this change soon."
This discussion has been archived. No new comments can be posted.

Wikimedia Foundation Enables HTTPS For All Projects More

Wikimedia Foundation Enables HTTPS For All Projects

Comments Filter:

  • Great... Now, if only we could trust EVERY CA. (Score:5, Interesting)

    by Anonymous Coward on Tuesday October 04, 2011 @12:19AM (#37596016)

    It only takes one CA being compromised to compromise THE ENTIRE SYSTEM of TLS / SSL...
    DigiNotar.
    Additionally: *.* cert... <- WTF, who's brilliant idea WAS that feature?!

    Fact: The biggest problem with the CA system is that any CA can create a cert for ANY DOMAIN even if the domain owner doesn't request the cert first.

    Thus, EVERY CA must be 100% secure 100% of the time. TLS / SSL isn't a system that has a single point of failure... It's a system that has many Hundreds of points of failure; Any one of them being enough to cause the whole trust model to fall apart like so many cards stacked in the shape of a house.

    Your browser probably doesn't trust DigiNotar, but does it trust CNNIC?
    http://yro.slashdot.org/story/10/02/02/202238/mozilla-accepts-chinese-cnnic-root-ca-certificate

    FF: Tools/Edit > Options/Preferences > Advanced > Encryption > View Certificates

    You trust ALL OF THESE?! Well, enjoy your security theater suckers.

  • Thank you, thank you very much! (Score:5, Interesting)

    by Anonymous Coward on Tuesday October 04, 2011 @12:57AM (#37596142)

    Whoa, this is an incredibly neat deed for many wiki-editors out there, including myself. Ever since a neighbouring government passing all my foreign-bound data decided to start reading all my IP traffic [wikipedia.org] to build a comprehensive sociogram of my believes, affiliations and interests, I became increasingly paranoid and afraid of expressing myself online on foreign sites. I tried using secure.wikimedia.org, but the site had unsatisfactory stability and responsiveness compared to the unencrypted site. So I just continued using the unencrypted site, but avoiding sensitive topics.

    I hope this decision finally enables us to use Wikipedia even for editing sensitive topics, and more importantly hiding our wiki-identity from the government. Kudos to the Wikimedia technical team, you are doing a great job!

  • https://slashdot.org? (Score:3, Interesting)

    by Anonymous Coward on Tuesday October 04, 2011 @03:38AM (#37596656)

    So, when will slashdot follow? Currently https://slashdot.org just redirects to http://slashdot.org

Slashdot Top Deals

Kleeneness is next to Godelness.

Close