If we properly encrypt our sites and devices, we can make mass surveillance much more difficult. We’ll be serving pages only over SSL for all *.wordpress.com subdomains by the end of the year.
Reset the Net
A year ago today, we joined the world in shock on learning that governments were spying on internet users around the world. Tapping internet service providers’ undersea cables, intentionally and secretly weakening encryption products, surreptitiously collecting everything from call metadata to photos sent over the internet by US citizens — nothing was off limits.
Just as troubling as the revelations themselves is the fact that since last summer, little if anything has changed. Despite a lot of rhetoric, our three branches of government in the United States have not made many concrete steps toward truly protecting citizens from unchecked government surveillance.
Automattic has been a strong supporter of efforts to reform government surveillance. We’ve supported reform legislation in Congress, and participated in the Day We Fight Back, earlier this year. More importantly, we aim to make our own legal processes for securing the information our users entrust to us as transparent and protective as possible.
Be the change you want to see in the world — that’s why we’re joining the many other companies who are participating today in Reset the Net. In the face of intrusive surveillance, we believe that everyone in the tech community needs to stand up and do what they can, starting with their own sites and platforms. For us, that means working to secure the connection between users and our websites. We’ll be serving all *.wordpress.com subdomains only over SSL by the end of the year.
If we’ve learned anything over the past year, it’s that encryption, when done correctly, works. If we properly encrypt our sites and devices, we can make mass surveillance much more difficult.
We’re happy to be taking these steps and hope that the coming year brings real reform to end mass surveillance.
- Jun 5, 2014 @ 1:20 pm
Excellent! This is great news and I support WordPress in its efforts to protect its members.
Thank you. It is disturbing the lengths governments go and spin it as being to protect their people. They’re just snooping. I’m all for RESETTING THE NET.
Thank you for participating in Re-Set the Net!
“All that is necessary for evil to triumph is for good men to do nothing.” Edmund Burke
You’d think humanity would have learned this lesson by now.
Great news, just hoping it won’t slow down the servers significantly
LOVE this, and THANK YOU.
Excellent, this is good to hear.
I second Josh’s request — using a *.wordpress.com certs for custom domains encourages people to get into the habit of ignoring cert mismatch warnings or adding exceptions without thinking about them.
Much needed, and thanks.
Who in their right mind would post something on a public forum that they know the government would be interested in? Nevermind….evidently more than I thought.
Thanks for taking a public stand on this issue. Not everyone who posts articles to a blog is a disgruntled dissident. If Aleksandr Solzhenitsyn was posting to a blog would he also be categorized a person of interest? Blogs are meant to communicate not alienate and intimidate people from their society.
I’m just not sure my blog is interesting enough for any government to bother with!
Thank you WordPress !
Reblogged this on Wendomattic and commented:
Here’s another reason why I’m glad to be a WordPress user as well as an Automattic employee. While I personally feel that my internet activity is pretty boring, I also believe that the government shouldn’t have unfettered and illegal access to my information and activities – or yours either. It’s a slippery slope, my friends, and we need to try to stop the slide now.
With quantum supercomputer on its full reach, none of the best encryption methods will be enough secure. Indeed, the encryption mehods known by today cannot even make QSC a tickling… :\
Saying that “if we have nothing to fear, we have nothing to hide” is as true as “if we have no discernible illness, we have nothing to fear from going to the doctors”. We’ll never know when governments will suddenly ‘discover’ that so-and-so internet activities are “bad” just because it does not suit them (see Anti-Social Act in the UK). I want my liberty to be kept safe from government provocations!
While I applaud the efforts to make WordPress more secure, I am surprised you were shocked to discover governments were tracking internet use and collecting data. First, because it isn’t new. And second, it should have been assumed. Was I shocked? No. Why? Because there are commercial internet sites, such as Facebook, that are more concerned about my internet use than the government. Within five seconds of looking at a product I might be interested in purchasing, I am bombarded with ads for the same or similar products on my FB feed. If I search for an airline fare, ads for flights to that destination pop up on lots of web pages I access.Commercial ventures are certainly tracking and selling data about me everyday.
Possibly the tables should be turned back against the snoopers and give them a distraction which may slow down their snooping ways if someone is snooping against them.I am fully in agreement with protecting data and your solution sounds great, but still possibly six months away, if by then, but certainly a step in the right direction.
The problem with governments is the paranoia that rules their every move, and too many cooks breeds more paranoia than is necessary. Rock on the new stone age!
Did you get this? I am reading through everything and following the link. There is some very interesting stuff and I am greatly encouraged that there just might be something we can do. I don’t know why I haven’t run across all this before. Bob Grahame
myBobLog • PhotoBlog • Feature Photos
This is great and yes a good step taken… thanks.
I think this is a good idea. While I think my postings are boring, it concerns me that my own government is possibly looking at my postings looking for something to target me with. Who would have thought the IRS would concentrate on groups that had target words like “freedom” and “patriot” in their names. And politicians would call these same grass roots groups “terrorists”. They thought they were doing nothing wrong either.
Thanks WordPress. When people begin to realize that the NSA mass snooping is not just for “national security,” [the meme to excuse anything], but that a large portion of the data mining is for commercial purposes involving contracts with ‘private’ corporations with intimate ties to the government, they might then realize that it is about much more than their data being ‘boring’ or of no use to national security. The growing integration of corporate and government activities in the interests of “managing” the remaining fragments of democracy and the marketing of “ideas” that sell products and keep the population distracted from the loss of freedoms, is the real threat of government/corporate surveillance and massive data analysis. It is scary.
Right Paul ~ ~ Nothing stopped ‘off limits ‘~
. Users identity theft
. Data’s property violation
What are the U.S. laws for both above ?
Thanks WP taking care
Technology in the hands of the unethical is a dangerous thing. Thank you for all you are doing.
Thank you for your concern on our behalf and for your continued commitment to freedom.
Thank you for this. When I saw Edward Snowden telling Brian Williams in that interview a couple of weeks ago that U.S. surveillance agencies were watching how people were DRAFTING their comments online, I was horrified. So happy to see you’ll be encrypting WordPress. Thank you again.
I’m glad WordPress is joining the campaign and doing something to ensure web safety. Just because someone blogs doesn’t automatically mean it’s up for grabs to be violated. It’s like saying just because a woman wears make up, or is well dressed she’s asking to be raped. Hugely offensive and my scribblings are not to be violated by anyone, so a big Thank You.
I’ve long felt encryption was a good method and practice to perform to ensure privacy among communicating parties. However, the technology was not advanced enough to make the system easy for involved parties to use. One party may have received an encrypted message but the other party may not have sent the proper public key information allowing decryption of the message. This may no longer be a problem if the Internet is the principle secure site to initiate, edit, store, and send the message as well as to transmit, store, decrypt, and allow the recipient to read, respond, and encrypt her/his response to the originator. These keys could be one time keys only for the particular message at issue or permanent ones. Nevertheless, Authorizing Bodies such as Thawte, Verisign, and Microsoft, have not made usage transparent and flawless. Of course, this situation may have changed and the public may have discovered that their PCs (Microsoft compatible software systems) are now able to perform these once arcane series of privacy tactics to protect them from inadvertent and malicious hackers.
I’m not certain the word to use is “Shock” when talking about government monitoring of the world’s largest communication network. I’m thinking “expectation” is more accurate.
Thank you! A very informative site on an issue that should be followed by the country, but most importantly for writers and others using the internet for their work.
Everywhere I go, cookies rule. Never seen them warned about here, yet. Thank goodness!
It is fascinating how WordPress can make this look like something new and radical when in reality it should have been done over a year ago, much like Yahoo not using SSL on their email client yet :\
Also since NSA has successfully cracked AES 256 how will this stop surveillance of the type you speak?
I do not know anything about but certainly makes me feel that we are living in a violent society lead by the people in power. They use to say that those totalitarian governments are the ones that spy on people…
Hear! Hear! This (and more) is long overdue to block these fools.
Thanks for the great work.
I am at your service, if help is needed in any way!