2015-03-10 13:26 GMT+01:00 Comet styles cometstyles@gmail.com:
for an organization taking on the NSA for "spying"..why are we using https? doesn't that show that we are already scared of them and running with our tail between our legs?
(For non-technical readers: the HTTP protocol is the normal way to send around information on the web. HTTPS is the secure way of sending said information, adding encryption among other things, to avoid eavesdropping.)
HTTP traffic can easily be tracked by people sharing the same network, by your Internet service provider and so on. If one cares about privacy, HTTPS is always important. It's worth noting that the NSA is not the only government agency in the world. I'd be even more worried about a number of countries where there would be little chance to fight the intruding party in the courtroom.
Side note: you could probably track most HTTPS traffic to Wikipedia as well, even if you're not the NSA. Normally you would see that the user has accessed Wikipedia, but not which article. A way around that would be to let a spider (https://en.wikipedia.org/wiki/Web_crawler) track the byte size of Wikipedia articles, which should be individual enough as soon as images are involved and compare it to the size of the page the user just accessed. If two articles happen to be of exactly the same size, compare with incoming and outgoing wiki links and see if the user accessed any page linking to or linked from one the articles to determine which one. But it would at least take some sort of effort, and wouldn't be perfect.
//Johan Jönsson --