[Cryptography] HTTPS usage at major media sites
Darren Moffat
darren at nessieroo.com
Mon Nov 2 04:26:44 EST 2015
One reason to force https on news sites though is so that the reader
benefits from authentication and integrity protection. Reducing the chance
that a MiTM attack is used to present fake or altered stories.
The above is one of the reasons why blogs.oracle.com only runs over https.
For a public news site in not so sure I see why someone would expect to
have any privacy over the metadata indicating what they read. If you need
that then you should read in private browsing mode over Tor (or equivalent)
- your browser state will be as leaky of that metadata than the channel.
Darren
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20151102/ca8ca572/attachment.html>
More information about the cryptography
mailing list