Tuesday, November 18, 2014

Web (in)Security

Yesterday,  I received the following from CoveredCA: 

New!  iPad Online Application:  Replace "HTTPS" with "HTTP" in URL Address
If you are using your iPad for enrollment and already have an URL saved to get to the open enrollment online application, you will need to update the URL Hyper Text Transfer Protocol Secure (HTTPS) address by removing the “S” from the “HTTPS” in the URL address so you can access the open enrollment online application. 
Seriously?   HTTPS is the secure protocol for transmitting information over the internet. HTTP is open text that's readable by anybody who intercepts the transmission.  Nobody should EVER use HTTP for any kind of sensitive work...even Facebook uses HTTPS:
blog comments powered by Disqus