SoylentNews is people
SoylentNews
The amount of personal data traveling to and from the Internet has exploded, yet many applications and services continue to put user information at risk by not encrypting data sent over wireless networks. Software engineer Tony Webster has a classic solution — shame.
Webster decided to see if a little public humiliation could convince companies to better secure their customers' information. On Saturday, the consultant created a website, HTTP Shaming ( http://httpshaming.tumblr.com/ ) , and began posting cases of insecure communications, calling out businesses that send their customers' personal information to the Internet without encrypting it first.
This discussion has been archived.
No new comments can be posted.
Website Aims to Publicly Shame Apps with Lax Security
|
Log In/Create an Account
| Top
| 7 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Now KEN and BARBIE are PERMANENTLY ADDICTED to MIND-ALTERING DRUGS ...
(Score: 4, Informative) by MrGuy on Thursday August 21 2014, @03:39PM
TFA is unclear on this, but if you look at the actual site, the shaming is of sites that send sensitive information (logins, passwords, chat contents, profile information) via http rather than https. That's pretty much it. The actual site doesn't even talk about wireless vs. wired networks.
However, the author of the TFA does focus on wireless networks, probably because it's one of the simplest attack vectors for non-encrypted traffic (just pop down to the local starbucks, log in, and you can see the non-https traffic of anyone else on the network). That's comparatively harder to do casually over a wired network.