Today, TechCrunch is proud to announce we’ve become a part of the movement to protect our readers by joining the web’s push forward toward HTTPS. That extra “S” we’re now sporting in our URLs is a subtle change with serious impact that protects you from hacks such as the Newstweek and other, more malicious exploits.
The Newstweek is a small device that plugs into a wall outlet and allows individuals to modify the contents of news sites for unwitting readers using public Wi-Fi networks. According to Newstweek’s website, the discreet gadget is intended to “provide opportunity for citizens to have their turn to manipulate the press, generate propaganda or simply ‘fix facts’ as they pass across a wireless network.”
If that sounds like fun, here are DIY instructions for hacking together your very own. Newstweek is a real device, but it isn’t really malicious — it’s part of an interactive art project that’s making a statement about how easily our browser-based realities can be manipulated by third parties.
We invested in making this switch because having an authentic, private relationship with our readers is important to us. When visiting a site served by HTTP, you don’t know for sure that the site you’re accessing is really the site you think you’re accessing, that the content on that site has not been altered by a third party, or that your browsing history is not being tracked by an outside observer. When you visit a site served via HTTPS, you are protected against these concerns.
At TechCrunch, we value our readers’ privacy and want them to trust our work. Now that we’re HTTPS, readers can feel confident that our content hasn’t been tweaked by anyone (except our diligent editors) and that their browsing history isn’t tracked. HTTPS also makes our tips page more secure, so tipsters can feel confident that their notes to us can’t be read by someone surveilling their Wi-Fi connection.
The performance implications of encrypting and decrypting requests used to be a valid reason to choose HTTP over HTTPS in many cases. But technology has evolved, and the only real barrier holding media sites back from making this transition is the tedious work of ensuring all assets on our pages are served via secure connections so that they don’t stop working if we make the switch, including the ads we rely on to keep our lights on.
We’re not the first media site to undertake this change. Our comrades at other outlets like the Washington Post and Wired have also taken the leap and been open with their readers about the change and its challenges. We’re proud to join them today, and hope the teams at all media organizations will take it upon themselves to prioritize these migrations, too.
Thank you for bearing with us through any negative side effects from this change. We’ll be on the lookout for issues, but as the signs on the subway say, if you see something, please do say something.