RSA Conference: Wikipedia founder claims that HTTPS should be used everywhere
RSA Conference: Wikipedia founder claims that HTTPS should be used everywhere

Speaking at a press Q&A session at the RSA Conference Europe in London, Wikipedia founder Jimmy Wales said that all users and websites should move to using HTTPS everywhere "in the longer term, so [they have] secure access all of the time".

He said: “There will be some exceptions to that, but I think we are moving to a level of computational power and it is possible that as Google has moved to do it and it didn't really cost anything, and it is clear that websites can afford to do it. That is something that we should all be doing, as it is something we should all be concerned about, such as session hijacking.”

Wales highlighted the Firesheep plug-in, which can be used for sniffing unencrypted sessions and hijacking online services that require a login. He said that with a friend, he was able to get into his Facebook page and said it was "absolutely trivial to do" and this led him to immediately change his options so it was always secure.

“I would say everyone should do this. In this case I think that privacy and security go hand-in-hand as well as the freedom to not be pursued by your own government,” he said.

“The argument for the Communications Data Bill is that all it wants is to keep up with technology, as before we couldn't listen to the content of your phone calls but we could go to the phone company and get the data of who you were talking to.” He said this may frighten people into being more interested in security.

He later said that the Electronic Frontier Foundation offers an HTTPS port but he had never used it, but it was more important to be secure. He said: “I have never bothered, I made sure my Facebook was secure though, we are moving in a direction where we will use encryption by default so let's assume that your connection to a site will be encrypted and the general public know it but do they understand it? “

“If you give people the choice between a browser that is more secure, then they will choose the one that is more secure,” he said.

Wales said that there were plans to make Wikipedia encrypted, but it required a lot of testing, and he understood it should not be expensive in terms of CPU cycles.