New Website Publicly Shames Apps and Services without Encryption
- By Ginger Hill
- Aug 20, 2014
As most of you know, I am a dog mom to Mollie Browne, a Border Collie/Aussie mix that I rescued at 3 months old, and now, I couldn’t imagine my life without her. Because of this, I love all things dog, especially the website Dog Shaming, which is dedicated to showing canines at their “worst” moments in a humorous way. Taking this concept, a new website, HTTP Shaming, aims to publicly shame apps and web services operating without encryption.
Software engineer Tony Webster is the mastermind behind this security shaming site in which he posts cases of insecure communications, naming businesses that send customers’ personal information to the Internet without first encrypting it.
Webster has already identified TripIt, a travel information firm that allows users to bring together ticket, flight times and itinerary information and sync it with other devices and even share it with others. Come to find out, however, this information is not encrypted so hackers could not only get full access to names, phone numbers, email addresses, the last four digits of credit card numbers and emergency contact information but they could also change or cancel victim’s flights.
To date, a total of 19 applications and services have made Webster’s shaming list. Hopefully your favorite is not on this list.
Ginger Hill is Group Social Media Manager.