By the end of the year, all WordPress subdomains will run on SSL

Jun 6, 2014 13:34 GMT  ·  By

WordPress has rolled out SSL as the default option for the entire platform, as a way to protect users from prying eyes.

The company’s Paul Sieminski, general counsel for Automattic, explains that a year ago, the company joined the world in shock upon learning that governments were spying on Internet users around the world by tapping Internet service providers’ undersea cables, intentionally and secretly weakening encryption products and collecting from call metadata to photos sent over the Internet.

“Just as troubling as the revelations themselves is the fact that since last summer, little if anything has changed. Despite a lot of rhetoric, our three branches of government in the United States have not made many concrete steps toward truly protecting citizens from unchecked government surveillance,” he added, stressing the frustrating part of the entire story over the past year.

The company behind WordPress, Automattic, has shown support for efforts to reform government surveillance, supporting reform legislation in Congress and participating in “The Day We Fight Back.”

This time around, they’re joining the other companies that are calling for people to “Reset the Net,” to take back their privacy rather than wait for the government to respect it and stop spying.

“In the face of intrusive surveillance, we believe that everyone in the tech community needs to stand up and do what they can, starting with their own sites and platforms. For us, that means working to secure the connection between users and our websites. We’ll be serving all *.wordpress.com subdomains only over SSL by the end of the year,” Sieminski revealed.

The company revealed that if there’s one thing to have learnt over the past year, it’s the fact that encryption, when done correctly, works. This means that if we properly encrypt sites and devices, mass surveillance can be much more difficult to achieve.

Cryptographer Bruce Schneier has recently told Softpedia that this is, indeed, a solution to keep the NSA away from user data. It is a minimal solution that will only protect people from bulk collection of data, but that should be enough.

“The only reason the NSA collects everything is because it's easier than targeting. Encryption forces them to target. And while the NSA might have a larger budget than the rest of the world's intelligence services combined, they are still constrained by economics,” the security expert said.

Of course, if the NSA, or any other spy agency, truly decides to look into your communications, there’s nothing keeping them from doing so, unless you use heavy encryption.