- Amanda Holden’s bad coronavirus advice sheds light on the struggle of being immunocompromised Friday 9:03 PM
- The World Health Organization is now fighting coronavirus misinformation on TikTok Friday 8:43 PM
- Police are using coronavirus misinformation to trick people into turning in drugs Friday 8:11 PM
- People can’t stop touching their faces–and the CDC really wants them to Friday 7:31 PM
- A TikTok of a girl getting an abortion is going viral—and the internet is divided Friday 3:06 PM
- FCC proposes $200 million fine for T-Mobile, others over data sharing Friday 3:03 PM
- Which ‘Love is Blind’ couples are still together? Friday 2:01 PM
- Review: ‘The Invisible Man’ reboot is thrilling but basic Friday 1:25 PM
- Sex workers speak out after OnlyFans leak Friday 1:21 PM
- Normani addresses Camila Cabello’s racist social media posts Friday 1:07 PM
- Mike Huckabee’s defense of Trump’s coronavirus response will make you nauseous Friday 12:06 PM
- Gmail’s email filtering may affect what candidate emails you are seeing Friday 11:08 AM
- Woman shares aftermath of domestic abuse: ‘This is only to raise awareness’ Friday 10:40 AM
- Skai Jackson gets restraining order against Bhad Bhabie after death threat Friday 10:19 AM
- Taylor Swift shades Scooter Braun in ‘The Man’ video Friday 10:15 AM
White House urges all federal websites to adopt HTTPS
It’s a good first step, at least.
U.S. government websites may soon get a lot more secure.
In an effort to close security gaps that have resulted in multiple security breaches of government servers, the Obama administration on Tuesday introduced a proposal to require all publicly accessible federal websites to use the HTTPS encryption standard.
“The majority of federal websites use HTTP as the as primary protocol to communicate over the public Internet,” reads the proposal on the website of the U.S. Chief Information Officer. “Unencrypted HTTP connections create a privacy vulnerability and expose potentially sensitive information about users of unencrypted Federal websites and services.”
The White House Office of Management and Budget, which released the proposal, acknowledged that switching to HTTPS would not be free, but said that “the tangible benefits to the American public outweigh the cost to the taxpayer.”
Websites subject to the proposal would include those run by outside contractors on behalf of the government. The CIO’s proposal would cover all websites that “present government information or provide services to the public or a specific user group and support the performance of an agency’s mission,” according to the proposal.
The proposal would exclude employee-only government intranets, although it encouraged those portals to adopt HTTPS as well.
The office of the CIO encouraged agencies that signed onto the proposal to prioritize their most sensitive services in deploying HTTPS.
“Web services that involve an exchange of personally identifiable information (PII), where the content is unambiguously sensitive in nature, or where the content receives a high-level of traffic, should receive priority,” the CIO said.
The Obama administration has set up a GitHub page where anyone can offer feedback on the HTTPS proposal. Comments can also be emailed to the CIO at the address provided on the GitHub page. The feedback deadline is March 31.
Photo via Matt H. Wade/Wikimedia (CC BY 2.0) | Remix by Max Fleishman
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.