YouTube adds HTTPS; Syrians, Tunisians gain access, but…!

HTTPS has been in the news quite a bit lately; first, because of Firesheep, a program that allows users on open WiFi networks to sniff cookies and effectively hijack users’ social networking connections if they're not using HTTPS.  As a result, a campaign has emerged to call on companies to offer HTTPS by default and the EFF has released a program called HTTPS Everywhere which, when installed, automatically directs users to the HTTPS version of a site.

Internet users can also bypass filtering using HTTPS, which provides another incentive for companies to implement it, as YouTube recently did.  Unfortunately, from tests conducted in Tunisia (where YouTube is blocked by IP address), it appears that, while users can access https://www.youtube.com, they cannot actually watch videos; when they attempt to do so, they are presented with the following error message:

The error message received by users in Tunisia when they attempt to watch a YouTube video under HTTPS encryption

In order for Tunisians (and users in other countries where YouTube is blocked by IP address) to be able to watch videos, we suspect that YouTube will need to ensure that not only its home page, but also the embed code, are available under HTTPS.  A look at the source code of an individual (HTTPS) video page shows that the code is all HTTP:

2 comments

Join the conversation

Authors, please log in »

Guidelines

  • All comments are reviewed by a moderator. Do not submit your comment more than once or it may be identified as spam.
  • Please treat others with respect. Comments containing hate speech, obscenity, and personal attacks will not be approved.