After many months of struggle, WMF takes one big step towards a more secure Wikipedia. Good job everybody!
*-- * *Tyler Romeo* Stevens Institute of Technology, Class of 2016 Major in Computer Science www.whizkidztech.com | [email protected] On Wed, Aug 28, 2013 at 6:11 PM, Greg Grossmeier <[email protected]> wrote: > == HTTPS enabled by default for logged-in users on Wikimedia sites == > > Today, August 28, the Wikimedia Foundation is making a change to the > software that powers the Wikimedia projects: By default, all logged-in > users will now be using HTTPS to access Wikimedia sites. What this does > is encrypt the connection between the Wikimedia servers and the user's > browser so that the information sent between the two is not readable by > anyone else. This is in response to the recent concerns over the privacy > and security of our user community, and we explained the rationale for > this change in our post about the future of HTTPS at Wikimedia[0]. > > ===What this means for you === > > How this works is simple: If a user wants to log in, they will be > redirected to use HTTPS for the login, thus keeping their username and > password secure. After they are logged in, they stay on the HTTPS > version of the Wikimedia site they are using. > > === Excluded Countries === > Some users live in areas where HTTPS is not an easy option, most times > because of explicit blocking by a government. At the request of these > communities, we have made an explicit exclusion for users from those > affected countries. Simply put, users from China and Iran will not be > required to use HTTPS for logging in, nor for viewing any Wikimedia > project site > > ===Disabling=== > > Are you having a slow or unreliable experience while browsing Wikimedia > sites over HTTPS? Then you can turn HTTPS off in your user preferences, > under the "User profile" tab: Uncheck "Always use a secure connection > when logged in". You will need to log out and log in again for the > preference to take effect. But remember, you will still need to log in > using the secure HTTPS process. > > ===HELP!=== > For further details, please see the HTTPS[1] page on Meta-Wiki, which is > available in several languages. > > Are you unable to log in and edit a Wikimedia wiki after this change? > Please contact the Wikimedia Foundation Operations team via any means > you find comfortable, including this blog post's comments section, on > IRC in the #wikimedia-operations channel, or via the [email protected] > email address. > > > Greg Grossmeier > > [0] > http://blog.wikimedia.org/2013/08/01/future-https-wikimedia-projects/ > [1] http://meta.wikimedia.org/wiki/HTTPS > > -- > | Greg Grossmeier GPG: B2FA 27B1 F7EB D327 6B8E | > | identi.ca: @greg A18D 1138 8E47 FAC8 1C7D | > > _______________________________________________ > Wikitech-l mailing list > [email protected] > https://lists.wikimedia.org/mailman/listinfo/wikitech-l _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
