This article was published on August 29, 2013

Wikimedia implements encrypted HTTPS browsing by default for logged-in users


Wikimedia implements encrypted HTTPS browsing by default for logged-in users

The Wikimedia Foundation has announced that it has enabled HTTPS by default for users who log in to its Wikimedia sites, which include Wikipedia, coming good on a promise it made four weeks ago.

At the beginning of August, Wikimedia revealed plans to implement the more secure protocol in response to leaks regarding the NSA’s XKeyscore program, and the system is now in place — albeit a week later than originally planned.

“By default, all logged-in users will now be using HTTPS to access Wikimedia sites. What this does is encrypt the connection between the Wikimedia servers and the user’s browser so that the information sent between the two is not readable by anyone else,” a blog post from the organization explains.

There are some exceptions however, and Wikimedia says that users in China and Iran will not be covered. The organization says the Chinese exclusion has been made at the request of local users.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

“Some users live in areas where HTTPS is not an easy option, most times because of explicit blocking by a government,” it explains. “At the request of these communities, we have made an explicit exclusion for users from those affected countries.”

China began blocking the encrypted version of Wikipedia following the June 4 Tiananmen anniversary, forcing users to browse the unencrypted version or nothing at all. Wikimedia founder Jimmy Wales told the Wall Street Journal that he will never cooperate with censorship requests and, though he is in favor of enabling encrypted browsing in China, the organization does not have the technology to do so at this point.

Users in countries where HTTPS is default can switch it off via a setting in their profile. That might be necessary if the site is running slowly, but, in general, HTTPS is a better, more secure option for browsing the Web.

HTTPS is popular among many Internet services, particularly in light of recent NSA and PRISM revelations. Facebook completed its transition to default HTTPS browsing this month, while Twitter has offered the feature since 2011.

Headline image via bastique / Flickr

Get the TNW newsletter

Get the most important tech news in your inbox each week.