There's a relevant research project outlined on Meta, about HTTPS: https://meta.wikimedia.org/wiki/Research:Wikimedia_referrer_policy
Here's the "nutshell" description: "Since we started switching to HTTPS and an increasing portion of inbound traffic happens over SSL, Wikimedia sites stopped advertising themselves as sources of referred traffic to external sites. While this is a literal implication of HTTPS, it means that Wikimedia's impact on traffic directed to other sites is becoming largely invisible: *is Wikimedia turning into a large source of dark traffic?* I review a use case (traffic directed to CrossRef) and discuss how other top web properties deal with this issue by adopting a so-called "Referrer Policy"." I don't know anything about this beyond what I've read on Meta, but I think it offers some useful background for this discussion. Pete -- Pete Forsyth [[User:Peteforsyth]] on English Wikipedia, Wikisource, Commons, etc. On Tue, Mar 10, 2015 at 7:58 AM, Andrew Lih <[email protected]> wrote: > Probably a good time for everyone to know about EFF's HTTPS Everywhere: > > HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts > your communications with many major websites, making your browsing more > secure. Encrypt the web: Install HTTPS Everywhere today. > > https://www.eff.org/https-everywhere > > > > On Tue, Mar 10, 2015 at 10:02 AM, Johan Jönsson <[email protected]> > wrote: > > > 2015-03-10 13:26 GMT+01:00 Comet styles <[email protected]>: > > > > > for an organization taking on the NSA for "spying"..why are we using > > > https? doesn't that show that we are already scared of them and > > > running with our tail between our legs? > > > > > > > (For non-technical readers: the HTTP protocol is the normal way to send > > around information on the web. HTTPS is the secure way of sending said > > information, adding encryption among other things, to avoid > eavesdropping.) > > > > HTTP traffic can easily be tracked by people sharing the same network, by > > your Internet service provider and so on. If one cares about privacy, > HTTPS > > is always important. It's worth noting that the NSA is not the only > > government agency in the world. I'd be even more worried about a number > of > > countries where there would be little chance to fight the intruding party > > in the courtroom. > > > > Side note: you could probably track most HTTPS traffic to Wikipedia as > > well, even if you're not the NSA. Normally you would see that the user > has > > accessed Wikipedia, but not which article. A way around that would be to > > let a spider (https://en.wikipedia.org/wiki/Web_crawler) track the byte > > size of Wikipedia articles, which should be individual enough as soon as > > images are involved and compare it to the size of the page the user just > > accessed. If two articles happen to be of exactly the same size, compare > > with incoming and outgoing wiki links and see if the user accessed any > page > > linking to or linked from one the articles to determine which one. But it > > would at least take some sort of effort, and wouldn't be perfect. > > > > //Johan Jönsson > > -- > > _______________________________________________ > > Wikimedia-l mailing list, guidelines at: > > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > > [email protected] > > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > > <mailto:[email protected]?subject=unsubscribe> > > > _______________________________________________ > Wikimedia-l mailing list, guidelines at: > https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines > [email protected] > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, > <mailto:[email protected]?subject=unsubscribe> > _______________________________________________ Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines [email protected] Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, <mailto:[email protected]?subject=unsubscribe>
