back to article Someone's lost the plod: Use crappy HTTP for shopping, banking, say Brit cops

Police in Essex, UK, have had a rough day of it after mischievous hackers broke into their Twitter account – and broadcast bogus security tips. Essex Police The dodgy tweet, recommending people use insecure HTTP rather than encrypted HTTPS for online shopping and banking, has since been removed. El Reg readers will know it's …

  1. Peter Prof Fox
    FAIL

    Essex Police - 'nuf said.

    Their Einstein in charge of electronic fraud kept referring to the mag stripe on a credit card as a bimetallic strip.

  2. This post has been deleted by its author

    1. asdf
      FAIL

      Yep HTTPS or bust because x509 is unbreakable and will save us all.

    2. Adam 1

      I only post comments on forums that I can see the http:// in the link. It's amazing just how many sites not only don't use it, including quite a few big technology names who should know better.

      1. asdf

        https://www.eff.org/https-everywhere

        plugin for the most part takes care of this for you by default but if a site doesn't offer https then you or just as likely they are still SOL.

  3. Captain DaFt

    "The link in the tweet, a goo.gl shortened URL, directed clickers to nursing.buybooksales.com, which redirects to the website of GCHQ"

    "We apologise for previous tweet re #CyberAware; it was malicious & has been deleted - please do not click on the link that was in the tweet.

    — Essex Police (@EssexPoliceUK) October 23, 2015"

    Did the Essex Police just call linking to the GCHQ "Malicious"?

    Hell, they may be marginally brighter than I'd thought!

  4. Fred Flintstone Gold badge

    Oh, the irony..

    We apologise for previous tweet re #CyberAware; it was malicious

    Really needs no further comment :)

  5. phil dude
    Megaphone

    https everywhere...

    there is no excuse for it, every single web transaction should be https.

    And ISPs should be legally forbidden from tampering with the data stream.

    In the last week I've has a number of landing pages try and "pretend to be Google".

    How is this not illegal?

    P.

  6. Androgynous Cupboard Silver badge

    Bank of Scotland have been texting me recently to sign up to their "protecting your business against fraud" website, also HTTP. Now this. My irony sensors are in full overload.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022