Hi All, for what I can count as the third time at least, there is no HTTPS on the registration form for the Internet Governance Forum website. Last time at least an HTTPS form was embedded in the HTTP site (bad practice I believe). However the registration confirmation with all personal data were send in the clear (http://apc.org/en/blog/igf-cybersecurity-fail-website-leaks-personal-data).
There was also the issue of the database containing user names and passwords, which was leaked last year, and nobody was informed in the breach. I would appreciate your thoughts on the matter, as well as a way forward. Kind regards, Alex -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
