On Tue, Aug 20, 2013 at 3:57 PM, Tyler Romeo <[email protected]> wrote:
> The lack of secure login on WMF wikis is a *major security issue*, and
> AFAIK is the biggest publicly known security issue in the site.

Indeed. For a Signpost article three years ago, I asked a security researcher (who had co-authored a comparative study of user password handling on 150 websites) about his recommendations for Wikipedia. "Making encrypted transmission of the password the default" was his foremost advice:
https://en.wikipedia.org/wiki/Wikipedia:Wikipedia_Signpost/2010-08-02/Technology_report#Study_of_web_passwords_includes_Wikipedia

It's excellent news that this issue is finally being resolved, even when there are exceptions and corner cases that need to be addressed.

> All you
> need is some random checkuser to be using Wikipedia at a Starbucks, and all
> of a sudden the privacy policy of every single registered user is violated.
> There's big talk all around about "evading the NSA" and attempting to
> protect the privacy of our users, but it is literally impossible to protect
> users' privacy if we can't even protect their security in the first place.
> To re-iterate, privacy depends on security, and right now we have neither
> of them.
>
> Furthermore, secure login is not a new idea. I've been fighting to get this
> feature enabled since October 2012 when the secure login functionality in
> MW core was finally fixed. Since then, HTTPS login has been deployed
> *twice*, but reverted once due to a bug with CentralAuth and once due to the
> design team being concerned about the login form. This will be the third attempt
> at deploying this in the past six months, so I don't know why this
> discussion had to start right now.
>

--
Tilman Bayer
Senior Operations Analyst (Movement Communications)
Wikimedia Foundation
IRC (Freenode): HaeB

_______________________________________________
Wikitech-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
