Join us at TNW Conference 2022 for insights into the future of tech →

The heart of tech

This article was published on August 29, 2013

    Wikimedia implements encrypted HTTPS browsing by default for logged-in users

    Wikimedia implements encrypted HTTPS browsing by default for logged-in users
    Jon Russell
    Story by

    Jon Russell

    Jon Russell was Asia Editor for The Next Web from 2011 to 2014. Originally from the UK, he lives in Bangkok, Thailand. You can find him on T Jon Russell was Asia Editor for The Next Web from 2011 to 2014. Originally from the UK, he lives in Bangkok, Thailand. You can find him on Twitter, Angel List, LinkedIn.

    The Wikimedia Foundation has announced that it has enabled HTTPS by default for users who log in to its Wikimedia sites, which include Wikipedia, coming good on a promise it made four weeks ago.

    At the beginning of August, Wikimedia revealed plans to implement the more secure protocol in response to leaks regarding the NSA’s XKeyscore program, and the system is now in place — albeit a week later than originally planned.

    “By default, all logged-in users will now be using HTTPS to access Wikimedia sites. What this does is encrypt the connection between the Wikimedia servers and the user’s browser so that the information sent between the two is not readable by anyone else,” a blog post from the organization explains.

    There are some exceptions however, and Wikimedia says that users in China and Iran will not be covered. The organization says the Chinese exclusion has been made at the request of local users.

    “Some users live in areas where HTTPS is not an easy option, most times because of explicit blocking by a government,” it explains. “At the request of these communities, we have made an explicit exclusion for users from those affected countries.”

    China began blocking the encrypted version of Wikipedia following the June 4 Tiananmen anniversary, forcing users to browse the unencrypted version or nothing at all. Wikimedia founder Jimmy Wales told the Wall Street Journal that he will never cooperate with censorship requests and, though he is in favor of enabling encrypted browsing in China, the organization does not have the technology to do so at this point.

    Users in countries where HTTPS is default can switch it off via a setting in their profile. That might be necessary if the site is running slowly, but, in general, HTTPS is a better, more secure option for browsing the Web.

    HTTPS is popular among many Internet services, particularly in light of recent NSA and PRISM revelations. Facebook completed its transition to default HTTPS browsing this month, while Twitter has offered the feature since 2011.

    Headline image via bastique / Flickr