https://bugzilla.wikimedia.org/show_bug.cgi?id=47832
Bawolff (Brian Wolff) <bawolff...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |bawolff...@gmail.com
--- Comment #9 from Bawolff (Brian Wolff) <bawolff...@gmail.com> ---
I know this is politically charged, but what's the security goal for forcing
anons to use SSL. Stop government from eavesdropping on the communication that
they could just as easily get from reading Special:Recentchanges?
Stop government from figuring out which articles somebody is reading? Well
that's a goal I support, will SSL actually stop that? Assuming government can
monitor the encrypted traffic going down the wire, they should be able to see
how much traffic has been transferred. I imagine this somewhat uniquely
identifies an article, especially when you consider images. OTOH, I suppose it
makes figuring out which article they are reading more difficult, and you can't
just snoop for keywords.
OTOH SSL everywhere all the time certainly couldn't hurt. But that's a long
process. Step 1 sounds like a reasonable starting point.
[Not a security expert. Let me know if I said anything stupid and wrong :)]
--
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
