Here's the "nutshell" description:
"Since we started switching to HTTPS and an increasing portion of inbound
traffic happens over SSL, Wikimedia sites stopped advertising themselves as
sources of referred traffic to external sites. While this is a literal
implication of HTTPS, it means that Wikimedia's impact on traffic directed
to other sites is becoming largely invisible: *is Wikimedia turning into a
large source of dark traffic?* I review a use case (traffic directed to
CrossRef) and discuss how other top web properties deal with this issue by
adopting a so-called "Referrer Policy"."
I don't know anything about this beyond what I've read on Meta, but I think
it offers some useful background for this discussion.
Pete
--
Pete Forsyth
[[User:Peteforsyth]] on English Wikipedia, Wikisource, Commons, etc.
On Tue, Mar 10, 2015 at 7:58 AM, Andrew Lih <andrew.lih(a)gmail.com> wrote:
Probably a good time for everyone to know about
EFF's HTTPS Everywhere:
HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts
your communications with many major websites, making your browsing more
secure. Encrypt the web: Install HTTPS Everywhere today.
https://www.eff.org/https-everywhere
On Tue, Mar 10, 2015 at 10:02 AM, Johan Jönsson <brevlistor(a)gmail.com>
wrote:
2015-03-10 13:26 GMT+01:00 Comet styles
<cometstyles(a)gmail.com>om>:
for an organization taking on the NSA for
"spying"..why are we using
https? doesn't that show that we are already scared of them and
running with our tail between our legs?
(For non-technical readers: the HTTP protocol is the normal way to send
around information on the web. HTTPS is the secure way of sending said
information, adding encryption among other things, to avoid
eavesdropping.)
HTTP traffic can easily be tracked by people sharing the same network, by
your Internet service provider and so on. If one cares about privacy,
HTTPS
is always important. It's worth noting that
the NSA is not the only
government agency in the world. I'd be even more worried about a number
of
countries where there would be little chance to
fight the intruding party
in the courtroom.
Side note: you could probably track most HTTPS traffic to Wikipedia as
well, even if you're not the NSA. Normally you would see that the user
has
accessed Wikipedia, but not which article. A way
around that would be to
let a spider (
https://en.wikipedia.org/wiki/Web_crawler) track the byte
size of Wikipedia articles, which should be individual enough as soon as
images are involved and compare it to the size of the page the user just
accessed. If two articles happen to be of exactly the same size, compare
with incoming and outgoing wiki links and see if the user accessed any
page
linking to or linked from one the articles to
determine which one. But it
would at least take some sort of effort, and wouldn't be perfect.
//Johan Jönsson
--
_______________________________________________
Wikimedia-l mailing list, guidelines at:
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
Wikimedia-l(a)lists.wikimedia.org
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
<mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe>
_______________________________________________
Wikimedia-l mailing list, guidelines at:
https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines
Wikimedia-l(a)lists.wikimedia.org
Unsubscribe:
https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,
<mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe>