[HTTPS-Everywhere] httpS log-on page
Frank Corrigan
email at franciscorrigan.com
Sat Jun 4 08:58:23 PDT 2011
The blog provider tumblr.com has introduced a very annoying override on
it's httpS log-on page, when the log-in button is pressed a Security
Warning pops up with:
"Although this page is encrypted, the information you have entered is to
be sent over an unencrypted connection and could easily be read by a
third party.
Are you sure you want to continue sending this information?"
View screen capture:
https://franciscorrigan.files.wordpress.com/2011/06/tumblr-https.png
I am not seeking technical help, just to alert list members to the
subversion of https when entering passwords and usernames/email
addresses. Which follows on from wordpress.com removal of the S in httpS
for any https based url posted on a blog hosted under wordpress.com,
when the posted httpS url is also a wordpress.com blog. (like the one
above...)
Frank
More information about the HTTPS-everywhere
mailing list