HyperText Transfer Protocol Secure is a method for protecting various forms of online communication -- from payments to private emails. A boon for corporations and individuals alike, the service essentially encrypts communication transmissions and helps protect against malicious cyber attacks. Many browsers have even adopted HTTPS for myriad uses even though it isn't the panacea to all the ills of the internet many would hope.
Residents of over a dozen countries were affected last week by an issue that disabled their Hotmail HTTPS, leaving them unable to turn the security measure back on.
The EFFs Eva Galperin reported on the effects of the unexpected shutdown prior to word from Microsoft that it was apparently the work of an unforeseen glitch.
Before the company fixed the issue and clarified what had happened, citizens of Jordan, Lebanon and Syria (among others) found that their Hotmail HTTPS protection was turned off by default. When they attempted to turn it back on, an error message popped up saying the function wasn't available.
Galperin pointed out that for many living in certain countries, such a security measure is vital.
While your average American may have less to fear about their government eavesdropping on their eBay spending habits or gaining access to emails critical of Congress, other nations prefer to keep dissidents (and even normal people) on a tighter leash. This is especially true for journalists and activists, Galpin notes.
Ever the stewards of online rights, the EFF pointed out a simple workaround prior to the official Microsoft fix that merely required those whose Hotmail accounts were affected to change their country of origin to that of an unaffected country. The cyber liberties group also happens to offer a Firefox extension - HTTPS Everywhere - to help better protect web denizens. Sadly, it's only effective at sites which feature HTTPS.
A Microsoft employee wrote on the Windows Live Help forum on late Friday that the issue had been fixed. "Account security is a top priority for Hotmail and our support for HTTPS is worldwide – we do not intentionally limit support by region or geography and this issue was not restricted to any specific region of the world," she said. "We apologize for any inconvenience to our customers that this may have caused."
Did you or someone you know experience the problem firsthand? Share your thoughts in the comments.
