Counter Surveillance Threat - Why Is Wikipedia Changing Its Web Address?
The Wikimedia Foundation, the charity the operates the Wikipedia website, announced last month (June 2015) that it would be changing its website address. The site, which has historically been found at the following URL - http://www.wikipedia.org - is now at https://www.wikipedia.org. Whats the difference? If you look carefully youll see that the new address has an s before the colon. This s is very important as it stands for secure. This refers to the connection over which you access the Wikipedia website. Accessing Wikipedia, the worlds sixth most visited website, via this new method means that your connection is encrypted. The Wikimedia Foundation explained in a blog post announcing the switch that it will encrypt all traffic accessing the site so its users cannot be spied upon.
What is HTTPS and why should I care?
HTTPS is a method of encrypting data that travels between your computer and a certain website. Accessing a website via HTTPS makes it harder (not impossible) for government agencies, ISPs and other organisations to know what youre looking at. It also means you can access content that your government may wish to censor. The Wikimedia Foundation said: We believe encryption makes the web stronger for everyone. In a world where mass surveillance has become a serious threat to intellectual freedom, secure connections are essential for protecting users around the world. Without encryption, governments can more easily surveil sensitive information, creating a chilling effect, and deterring participation, or in extreme cases they can isolate or discipline citizens. Accounts may also be hijacked, pages may be censored, other security flaws could expose sensitive user information and communications.
Hang on, so youre saying people can spy on my Internet usage if I dont use HTTPS?
Yes, thats entirely possible, although quite unlikely. Your Internet usage is subject to certain conditions (youll have signed up to these when you signed up with your ISP or mobile provider) that mean certain information can be shared if you are suspected of certain wrongdoing. Were not saying youre definitely being spied on, but it is possible that you are. We recently wrote about the Snoopers' Charter and how governments, including our own UK government, want to make it easier to find out what youve been looking at online. Subsequent to that we wrote about how computer encryption is now a human right, according to the United Nations.
So how do I make sure my connection is always encrypted?
You can do this in a number of quite easy and free ways. If youre one of those that never types in a URL but instead navigates to all websites via Google, theres a good chance that youre always on a securely encrypted connection anyway. You can also use a browser add-on like HTTPS Anywhere (available for Chrome and Firefox). This converts unsecured connections to HTTPS. Its important to note however that HTTPS isnt a magic bullet to online security and you still need to be careful. Its also worth remembering that certain functions or features of websites (such as comparison engines that let you get the cheapest flights) may not work properly if youre visiting via an encrypted connection. Image source: Wikipedia