Stuart Breckenridge

The Guardian Goes HTTPS Only

Mariot Chauvin and Huma Islam, writing for The Guardian:

By using HTTPS, internet service providers (ISPs) are not able to track the pages our readers are accessing. It means we protect the privacy of our readers when accessing content that may disclose political opinions, faith, sexual orientation or any information that may be used against them. It matches our core values.

This is particularly important given the recent introduction of the Investigatory Powers Act, which makes it mandatory for ISPs to store records of websites visited by their customers for 12 months. HTTPS protects your privacy.

Also of note, they’ve stopped using their very recognisable short URL:

Before Twitter stopped counting url characters and forced all urls to be shortened by its own service short urls had a utility. This is no longer the case. Our short url implementation also had a negative impact on latency as it was forcing the browser to perform three redirects. This is clearly something you want to avoid with HTTPS, so we simply decided to stop using them.

I quite like short urls from a how-they-look perspective, but I find it hard to argue with their reasoning: three redirects ( to to to the destination URL) is excessive.

I’m a big proponent of going HTTPS only. Indeed, this website has been setup as HTTPS only since it was made live. It’s easy to implement and free (thanks, Let’s Encrypt). If you haven’t implemented HTTPS, I’d urge you to do so.

Supported by