From PC World:
More than two dozen U.S. government websites should be urgently upgraded to use encryption, as whistleblowers are potentially at risk, according to the American Civil Liberties Union.
At least 29 websites that can be used for reporting abuse and fraud don't use encryption, the ACLU said in a letter sent on Tuesday to the U.S.'s top technology chief, CIO Tony Scott.
There has been a broad push recently to move websites to using SSL/TLS (secure sockets layer/transport security layer) encryption. Most e-commerce sites use SSL/TLS, but the case has grown stronger for its broader adoption because of a surge in state-sponsored espionage and cybercriminal activity.
The government plans to upgrade all of its websites within two years to use encryption, signified by "https" in a browser's URL bar. It prevents data that is exchanged between a computer and a website from being read if it is intercepted or tampered with during a man-in-the-middle attack.
The ACLU said that the timeline "is not soon enough for some sensitive sites," which it said included the Justice Department, Treasury Department and the Department of Homeland Security.
(Score: 3, Insightful) by Leebert on Sunday April 19 2015, @03:39AM
*snort* Yeah, two years. We'll get right on that. Just as soon as we're finished with that mandate for all public network services to be IPv6-enabled by September 2012 [whitehouse.gov].
(Score: 2) by maxwell demon on Sunday April 19 2015, @10:58AM
I see, you're not yet used to four-digit abbreviated dates. You know, people figured out that while giving only the last two digits of a year can cause problems every century, using four digits will not give any problems until the year 10000. So they decided that four-digit years are safe for now. Unfortunately that means that really long-term plans got truncated dates. In particular, the IPv6 project is scheduled to be finished in September 32012.
The Tao of math: The numbers you can count are not the real numbers.