> Anirudh Bhati wrote: >> On Mon, May 7, 2012 at 12:56 PM, Debanjan Bandyopadhyay <debast...@gmail.com >> wrote: >> Ok then can we not make the default version the https one like say google >> does. > > This will not be a permanent solution, I'm afraid.
Encrypting your browser traffic does quite durably protect you against the kind of injection attacks we're discussing (the injection of advertisements). I personally use the HTTPS Everywhere plugin (available for Chrome and Firefox) to ensure that I always browse Wikimedia and many other sites under SSL protection (that is, via HTTPS). https://www.eff.org/https-everywhere I'm not suggesting that we set out to persuade millions of people to switch to open source browsers and install this extension, but if you're already using Firefox or Chrome, I recommend HTTPS Everywhere for your own peace of mind. The most recent discussion, among Wikimedia developers, of whether to switch to HTTPS-by-default for all connections: http://lists.wikimedia.org/pipermail/wikitech-l/2012-April/thread.html#59551 In it, Ryan Lane from Wikimedia operations says that there are practical reasons that "we have no plans for anonymous HTTPS by default, but will eventually default to HTTPS for logged-in users": http://lists.wikimedia.org/pipermail/wikitech-l/2012-April/059580.html -- Sumana Harihareswara Engineering Community Manager Wikimedia Foundation _______________________________________________ Wikimediaindia-l mailing list Wikimediaindiafirstname.lastname@example.org To unsubscribe from the list / change mailing preferences visit https://lists.wikimedia.org/mailman/listinfo/wikimediaindia-l