Co-conspirators may have noticed that a little lock now appears in their browser when they come to read Guido. This is because we have switched to HTTPS, the industry standard for providing encryption, authentication, and integrity for content on the web.
We have done this because the news you read can provide intimate details about your interests, your work, and your personal life that you may want to keep private from prying eyes. Without HTTPS, an eavesdropper—whether it’s a snooper on public wifi, or GCHQ collecting information about websites you visit—can trivially see exactly what news articles you read when you go to sites. Eavesdropping on people reading the news is a real threat, as demonstrated by the NSA and GCHQ spying on visitors to WikiLeaks.org.
HTTPS prevents this type of spying, and while an eavesdropper might be able to determine that you visited the website that the Russian Foreign Ministry instructs diplomats to read to find out what is going on in Westmnster, they wouldn’t be able to see which specific stories you read.
According to Der Spiegel GCHQ takes advantage of the lack of encryption to inject malware into a website, which can lead to the complete compromise of a user’s computer and all of their data. A version of this technique, codenamed “Quantum Insert,” was used by GCHQ to attack network sysadmins who read Slashdot, the popular news website in the IT community. (Slashdot has since deployed HTTPS site-wide). Guido wants to protect you from government spies…