HackerTrans
TopNewTrendsCommentsPastAskShowJobs

Australia's Weather Bureau is retiring its HTTPS site, will keep using HTTP(weather.bom.gov.au)

4 points·by roxgib·3 anni fa·4 comments
weather.bom.gov.au
Australia's Weather Bureau is retiring its HTTPS site, will keep using HTTP

https://weather.bom.gov.au

5 comments

ggm·3 anni fa
A truly weird decision, perverse-outcome sounding, if you don't explain it. Maybe the burden of holding state for TLS turned out to be too much for their capital investment, and they decided that there was no transitive risk in being insecure HTTP protocol, for a public information service.

Or maybe something else?

An explanation might help. I am sure future 'scrape the web and report on HTTP/HTTPS' bots are going to flag this as insecure.
bradwood·3 anni fa
FFS. We're not living in the 90s anymore. Spent a few hours configuring LetEncypt and move the fuck on. If they are incapable or unwilling to do this in this day and age I'd have to wonder about how they can be trusted to engineer any other part of their system reliably.
roxgib·3 anni fa
The S is not a typo. It's retiring its HTTPS site. The old HTTP site (and the app) is staying.

You can actually get the old site via HTTPS, but only on the https://reg.bom.gov.au subdomain. So there's that.
roxgib·3 anni fa
To further clarify:

www.bom.gov.au is HTTP only. It will fail to connect if you use HTTPS.

reg.bom.gov.au is an HTTPS version of www.bom.gov.au. It seems to be staying, but you have to know to use that address.

weather.bom.gov.au is a newer site with a much better design, and supports HTTPS. It is being retired.

Obviously there are a million third party weather services/apps but they all use the BOM's data, at least in Australia.
ggm·3 anni fa