AfterDawn: Tech news

NY Senator wants HTTPS to be default

Written by Andre Yoskowitz @ 28 Feb 2011 4:45 User comments (20)

NY Senator wants HTTPS to be default New York Senator Charles Schumer has called on America's largest sites to make the HTTPS protocol the default for their sites in an effort to prevent ID theft when users hop on public Wi-Fi at places like Starbucks and McDonalds.
The Senator says the growth of public Wi-Fi spots is making it easier for hackers to steal info like credit card numbers and passwords for banking institutions.

Says Schumer (via Reuters):

The number of people who use WiFi to access the Internet in coffee shops, bookstores and beyond is growing by leaps and bounds.

The quickest and easiest way to shut down this one-stop shop for identity theft is for major Web sites to switch to secure HTTPS web addresses instead of the less secure HTTP protocol.


HTTP, says the Senator, is a "welcome mat for would-be hackers." Most major site operators, outside of the banking institutions, use HTTP as the default, even if they do have HTTPS versions.

Previous Next  

20 user comments

128.2.2011 18:10

I do not oppose this.

228.2.2011 19:45

still can hack even using that site as default .

328.2.2011 21:24

Meh, I don't think it should be mandatory. But those people should realize that they are on someone else's network and are subject to whatever happens.

428.2.2011 22:01

Did I step in to the twilight zone or something? A politician said something tech related that makes sense.

Next weeks episode: Sony will start to care about consumers. And even drop all current lawsuits then restore other OS in the next ps3 update.

51.3.2011 01:36

Originally posted by xyqo:
Did I step in to the twilight zone or something? A politician said something tech related that makes sense.

Next weeks episode: Sony will start to care about consumers. And even drop all current lawsuits then restore other OS in the next ps3 update.
LoL...that seems to be the size of it. I am still trying to find the evil and corruption in this plan; after all...it comes from a politician, it can't possibly be a good thing. Maybe he owns stock in a company specializing in secure networks or something.

61.3.2011 03:04
ps3lvanub
Inactive

Not every single politician is a dickhead... Just 99% of them.

71.3.2011 03:27

If it wasn't a politician talking I'd probably be less skeptical. Politicians just like to get their name on as many proposals as possible regardless of how much sense they make.

Besides, how tough is it to see the padlock and the https:// in a browser window? It seems unnecessary to me.

Also, it isn't trivial to set up a secure certificate. It's a few more hoops to be jumped through. I can see quite a few websites that don't do SSL just going offline if it passes. I'd hardly call that progress.

81.3.2011 06:03

Got it...if every site needed an SSL cert, then sites like wikileaks could be in danger of being blocked to the majority of the tech-illiterate public simply by revoking the cert.

I knew that a politician couldn't be doing good!

91.3.2011 07:36

It's Schumer, he never does anything for the good of the people. It's a grandstanding tactic to get something else pass. He is bringing this issue to light, so when a bill is created he can add pork to it and use this SSL as the main reason. He has done this many times. I wish people of NY can see this.

101.3.2011 13:34
lissenup2
Inactive

Probably one of the best ideas ever. Never could figure out why this was the de facto from the start. There's no harm in it, no inconvenience and therefore, why not just go this route. Good for that politician. He may be exempt from a public execution.

111.3.2011 15:43

Originally posted by lissenup2:
Probably one of the best ideas ever. Never could figure out why this was the de facto from the start. There's no harm in it, no inconvenience and therefore, why not just go this route. Good for that politician. He may be exempt from a public execution.
Yeah, the more I think about it, the more this scares me. On the surface it looks like a great idea and some will be all for it. But having gone through the process of implementing SSL myself, I can see how it could easily be used to take down sites that aren't "approved of" by whoever in power doesn't like them.

If it's restricted only to the largest sites, that's fine. But will it stay a restriction only for those sites? Who determines which sites must adhere to it and which don't?

Be afraid. Be very afraid.
This message has been edited since its posting. Latest edit was made on 01 Mar 2011 @ 3:58

121.3.2011 16:55
ps3lvanub
Inactive

I can't see every single site being forced to go secure. It will kill half of the internet.

131.3.2011 19:59
lissenup2
Inactive

Originally posted by Clam_Up:
Originally posted by lissenup2:
Probably one of the best ideas ever. Never could figure out why this was the de facto from the start. There's no harm in it, no inconvenience and therefore, why not just go this route. Good for that politician. He may be exempt from a public execution.
Yeah, the more I think about it, the more this scares me. On the surface it looks like a great idea and some will be all for it. But having gone through the process of implementing SSL myself, I can see how it could easily be used to take down sites that aren't "approved of" by whoever in power doesn't like them.

If it's restricted only to the largest sites, that's fine. But will it stay a restriction only for those sites? Who determines which sites must adhere to it and which don't?

Be afraid. Be very afraid.
Never thought of it like this. How depressing.

143.3.2011 03:15

For More Info or download HTTPS:

http://gizmodo.com/#!5774952/no-one-is-safe-from-firesheep-not-even-ashton-kutcher

Firefox Users:
https://www.eff.org/https-everywhere

The plugin works for:

* Google Search
* Wikipedia
* Twitter
* Facebook
* bit.ly
* GMX
* Wordpress.com blogs
* The New York Times
* The Washington Post
* Paypal
* EFF
* Tor
* Ixquick
* and many other sites!

This message has been edited since its posting. Latest edit was made on 03 Mar 2011 @ 3:28

153.3.2011 06:16

You don't need to download anything...just type https:// instead of http://

164.3.2011 11:23

Originally posted by ps3lvanub:
Not every single politician is a dickhead... Just 99% of them.
Wrong! 99.9999% are.

174.3.2011 13:15

Originally posted by ps3lvanub:
Not every single politician is a dickhead... Just 99% of them.
Give me a billion dollars and I can get a plush toy in the Oval Office. ;)

184.3.2011 14:39

Originally posted by molsen:
It's Schumer, he never does anything for the good of the people. It's a grandstanding tactic to get something else pass. He is bringing this issue to light, so when a bill is created he can add pork to it and use this SSL as the main reason. He has done this many times. I wish people of NY can see this.
I'll second that!

194.3.2011 23:38

Beware of anything this politician says. He is as crooked as they come. There must be something on the back end for him or he would not bother talking about it. There are probably other amendments to the bill that let them (Government) see what you are doing or track you in some way.

205.3.2011 01:47

Originally posted by xyqo:
Did I step in to the twilight zone or something? A politician said something tech related that makes sense.

Next weeks episode: Sony will start to care about consumers. And even drop all current lawsuits then restore other OS in the next ps3 update.
It's too late for Sony; they have lost billions of customers worldwide over their behavior this past year.

Comments have been disabled for this article.

News archive