homepage Welcome to WebmasterWorld Guest from 54.145.172.149
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Code, Content, and Presentation / WordPress
Forum Library, Charter, Moderators: lorax & rogerd

WordPress Forum

    
WordPress.com to serve all sites via HTTPS
by end of 2014
lorax

WebmasterWorld Administrator lorax us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4677940 posted 11:57 am on Jun 6, 2014 (gmt 0)

[en.blog.wordpress.com...]

If we've learned anything over the past year, itís that encryption, when done correctly, works. If we properly encrypt our sites and devices, we can make mass surveillance much more difficult.

 

incrediBILL

WebmasterWorld Administrator incredibill us a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



 
Msg#: 4677940 posted 4:18 pm on Jun 6, 2014 (gmt 0)

we can make mass surveillance much more difficult.


That's true if you made smarter people using the devices that connect to any old open wifi which can easily decrypt SSL using man-in-the-middle attacks. The problem with mobile is due to the smaller interface there's a lot less data available and some things easily spotted and avoided on a desktop have no mobile equivalents so it's easier to be victimized and not know it until it's too late.

Also, while security is great the places already suffering bandwidth issues will feel it just a little more.

All the pings, notifications, pre-fetches and more and more, now using SSL, may look fantastic from a normal broadband connection but you get some sluggish DSL, overloaded or fringe 3G connection, or worse yet the massively overloaded airport wifi and this extra load helps push it over the edge.

P.S. Isn't this a hoot, WP goes "secure" the same day "secure" has a vulnerability, the irony of WP security (oxymoron) just cracks me up:
[webmasterworld.com...]

lorax

WebmasterWorld Administrator lorax us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4677940 posted 5:26 pm on Jun 6, 2014 (gmt 0)

>> Heartbleed

Good point incrediBill. I wonder what their solution will be.

martinibuster

WebmasterWorld Administrator martinibuster us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 4677940 posted 6:41 pm on Jun 6, 2014 (gmt 0)

Maybe I'm missing something. If the sites hosted on Wordpress.com are public and openly scraped, visited, tweeted and otherwise freely viewed, what is it that is being protected from surveillance?

lorax

WebmasterWorld Administrator lorax us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4677940 posted 12:41 am on Jun 7, 2014 (gmt 0)

I believe it has to do with access to the admin dashboard and the unames/pwds used for access.

martinibuster

WebmasterWorld Administrator martinibuster us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



 
Msg#: 4677940 posted 2:59 am on Jun 7, 2014 (gmt 0)

That will help a site from having their passwords sniffed. Not just from government surveillance. Maybe I'm being overly critical or grumpy. Seems a bit exaggerated to posture it as an anti-surveillance thing.

Brett_Tabke

WebmasterWorld Administrator brett_tabke us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4677940 posted 8:52 am on Jun 7, 2014 (gmt 0)

Who had a hand in building the security protocols? We are naive if we don't think same ppl can decrypt SSL traffic in real time. SSL = false sense of security.

lorax

WebmasterWorld Administrator lorax us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4677940 posted 12:21 pm on Jun 7, 2014 (gmt 0)

Naw, I don't think you're being overly critical. There seems to be an element of grandstanding involved. There are a few higher priorities on my list for WordPress.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / WordPress
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved