Skip to content

Davey Winder

delivering award-winning technology journalism since 1991

  • home
  • about me
  • follow me on mastodon
  • privacy policy
  • Toggle search form
Image of Donald Trump against background of words about him

WTF? Donald Trump’s HTTPS Floored, HTTP/2 Flawed and HSTS Adored

Posted on August 4, 2016 By Davey Winder

Making ecommerce weak again. This is the week that Donald Trump got his HyperText Transfer Protocols in an insecure twist.

It’s also the week that Google went all Strictly on HTTP’s arse, and HTTP The Sequel got played at Black Hat. We hope you are sitting securely. Let’s kick things off with a bit of Donald Trump. The wannabe President of the USA, sometime reality TV celeb and supposedly shrewd businessman is not short of a buck or billion. Yet none of the above prevented The Donald from making a schoolboy web security error over at his online shop front.

The Register discovered, we won’t ask what it was actually looking to buy in the way of Trump memorabilia, that no matter how you tried to enter shop.donaldjtrump.com you always ended up running an insecure connection. El Reg reporters found that “despite having installed a valid SSL certificate for the main Donald Trump website and his donations sub-domain, for some reason the online store is happy to spill out all of your personal and credit card details in plain text across the internet via good old HTTP.”

Even if you forced a manual ‘https://shop.donaldjtrump.com’ into your browser, The Donald was having none of it and threw you straight back onto an unencrypted HTTP page in short order. Maybe he should have got his ecommerce team to talk to Hillary Clinton who, despite all the claims of email hacking and leaking, has an online campaign shop and somehow manages to use HTTPS secure connections properly.

Click here to read complete article

News Tags:Clinton, Donald Trump, eCommerce, Google, HTTP, security, Shopping

Post navigation

Previous Post: Is Android security really too difficult for Motorola?
Next Post: Will Rio Olympics herald a carnival of cyber-crime?

Related Articles

New Mass Gmail Rejections To Start April 2024, Google Says Gmail
Big Game Hackers Smash $1 Billion Ransomware Barrier Cybercrime
Yeah, But No, But Yeah: The Strange Tale Of 3 Million Hacked Toothbrushes Hacking
Google To Crack Down Against Spammers To Protect Gmail Users Gmail
New Google Report Warns Of ‘Real And Significant Threat’ To User Privacy Google
iPhone Under Attack: U.S. Government Issues 21 Days To Comply Warning Apple

Categories

Post Archive

Tags

0day Analysis Android Apple Apps breach bug bounty Business Chrome crime Cybercrime Data Protection Encryption Enterprise Google Government Hackers Hacking Health healthcare industry iOS IoT iPhone Malware Microsoft News NHS Opinion passwords Phishing Privacy ransomware Research Russia Samsung threat intelligence Twitter Update Vulnerabilites vulnerabilities Vulnerability Windows Windows 10 zero-day

Copyright © 2025 Davey Winder .

×
Cookies
We serve cookies. If you think that's ok, just click "Accept all". You can also choose what kind of cookies you want by clicking "Settings". Read our cookie policy
Settings Refuse all Accept all
Cookies
Choose what kind of cookies to accept. Your choice will be saved for one year. Read our cookie policy
  • Necessary
    These cookies are not optional. They are needed for the website to function.
  • Statistics
    In order for us to improve the website's functionality and structure, based on how the website is used.
  • Experience
    In order for our website to perform as well as possible during your visit. If you refuse these cookies, some functionality will disappear from the website.
  • Marketing
    By sharing your interests and behavior as you visit our site, you increase the chance of seeing personalized content and offers.
Save Refuse all Accept all
GDPR Cookie Policy