Ted Cruz's New Presidential Campaign Donation Website Shares Security Certificate With Nigerian-Prince.com
from the feeling-safe-donating-yet? dept
Update: Yes, as lots of angry people are screaming at us (including with detailed explanations of how incredibly, unbelievably, astoundingly stupid I must be), this is a result of Cruz using Cloudflare, which lumps unrelated domains onto the same HTTPS certificate. And yes, Techdirt.com's certificate is hosted by Cloudflare also, and we share it with other domains as well. Feel free to continue to read the original story below and contribute to how stupid you think I am in the comments...We're big believers in using HTTPS to secure websites (even if HTTPS certificates have their problems -- it's still better than the alternative). But there are pitfalls in setting up your certificate correctly as newly announced presidential candidate Senator Ted Cruz apparently discovered this morning. Because along with his campaign launch speech (which was widely mocked by the Liberty University students who were forced to attend), he put up a website for donations. And that website didn't default to HTTPS and also listed nigerian-prince.com as an alternate domain on the security certificate, as first noted by the Twitter feed @PwnAllTheThings:
Filed Under: donations, https, internet security, nigerian prince, presidential campaign, security, security certificates, ssl, ted cruz, tls