On 6/25/15, Deryck Chan deryckchan@wikimedia.hk wrote:
Understanding comes both ways. Since Snowden's whistleblowing, the tech community has already been denounced by a significant proportion of society as selfish nerds who value their own privacy over (communal / national) security and order. Our switch to https-only (as opposed to https-recommended) is only sealing that impression.
This doesn't make logical sense to me.
Coincidentally with the switch to https-only, China has blocked the Chinese Wikipedia.
AFAIK, this happened before the https switch. Causality usually doesn't go backwards in time.
We always need to balance security and accessibility. I feel that it is unwise to remove even the option to use Wikimedia without https encryption. With the systemic bias of Wikipedia, I feel that this switch has cost us more in loss of breadth of readership than we gain in security.
Or it reduces systemic bias by allowing people to express their opinion without feeling that they are being watched (People tend to be more conformist when they think they might be watched).
"Not our fault" is not good enough when an encyclopedia loses a small but significant proportion of its readership, not out of the readers' voluntary choice.
Lots of things aren't our fault. However sometimes we have to do things about stuff that isn't our fault. Proving that the "encyclopedia loses a small but significant proportion of its readership" (And in particular quantifying the number) would be step 1 to convincing (at least me) that we should do something about it. Step 2 would be combing up with some rationale argument about when the benefits of https-only outweight the drawbacks. Is sufficient harm when 1 person is affected? Is sufficient harm when 0.0001% of readers are affected? 1% ? Some other number?
-- bawolff