The New York Times Just Became Much Less Vulnerable to Online Attack

Tech wonks and news watchdogs from inside and outside the Times applauded the move.

The New York Times' midtown Manhattan headquarters.
The New York Times’ midtown Manhattan headquarters. Mario Tama/Getty Images

Web security and strong encryption were hot topics last year due to revelations about election hacking, but it’s just as important for news organizations to consider these issues. One of the easiest ways for media sites to increase security is by enabling HTTPS—sites like the Washington Post, Wired, BuzzFeed and The Guardian have all done this in recent years.

Sign Up For Our Daily Newsletter

By clicking submit, you agree to our <a href="">terms of service</a> and acknowledge we may use your information to send you emails, product samples, and promotions on this website and other properties. You can opt out anytime.

See all of our newsletters

And today, the New York Times joined their ranks.

HTTPS, which is denoted by a padlock icon in the URL next to the browser, adds an extra layer of security to the usual HTTP web protocol (indeed, the “s” stands for security). It encrypts the data sent between your computer and a website’s servers, making it more difficult for a third party to monitor your activities—while they will still be able to see the URL of the site you are visiting (i.e. they will not be able to see which articles you are reading or hijack the connection. Further, it validates that your computer is communicating with the website you intended to reach,

In a post on the Times‘ Open blog, front end software architect Eitan Konigsburg and program manager Vinessa Wan (whom the Observer has reached out to for comment) announced that the Grey Lady had begun enabling HTTPS on its site. The change affects:

  • The home page
  • Articles published in 2014 and later
  • Most section, column and topic pages
  • The mobile site
  • Most blog pages
  • TimesVideo
  • Podcast pages

The rest of the Times website will also eventually have HTTPS protection.

Tech wonks from inside and outside the Times applauded the move:

Any site that doesn’t have HTTPS is at a much higher risk of attack, which is why last year Google said it will begin flagging unencrypted websites as insecure later this year, displaying a red “x” over a padlock in the URL bar.

News watchdogs are also keeping tabs on which media sites value security—Secure The News, a project of the Freedom of the Press Foundation, gives every news organization a letter grade based on the security of their site. The service congratulated the Times on its newly secure site:

Politico, Breitbart and the Wall Street Journal all currently have F grades on Secure the News—none has enabled HTTPS.

The New York Times Just Became Much Less Vulnerable to Online Attack