by 8organicbits 903 days ago
Imagine a major weather event is coming and a warning banner shows on the weather site telling you to stay off the roads. But some carelessly injected ad covers it, or the injected CSS makes it unreadable. You don't see it and suffer a crash.

Government communications should not be subjected to arbitrary modification by intermediaries. Ad injection on HTTP is (or at least was, when unencrypted HTTP was popular) common. It also raises the concern that the ad will appear to have government sponsorship, which invites scams and other malvertising.

A government agency should seek to communicate information with the public, especially safety information, via an untamperable communication channel.

1 comments

It's the BoM site, in Australia.

As a site it's considerably less authoritative than you seem to believe; people get weather warnings here in Australia from the TV, from the radio, from apps on their phones, from looking outside and seeing weather fronts rolling in.

Few people actually directly visit the BoM site; those that do are generally long-time users familiar with the site, using the usual array of adblockers and noscript, unlikely to fall for "Click here" injection attacks, and more likely to have a direct fibre | line connection to a major ISP to BoM with little chance for malicious injection in any case.

The risks are understood and doomsday scenarios have yet to occur after nearly 40 odd years online as a non-https site.