I was about 1AU from earth, using a modern JS framework with no end in sight. Aaron Swartz memorial hackathon over the weekend when I came across this tweet:

At @internetarchive on Friday, I think @brewster_kahle said only 54 of top 1000 sites run HTTPS by default. Can anybody verify that stat?

— Parker Higgins (@xor) November 11, 2013

Nobody seemed to be able to verify that number, so I fired out Geany and wrote some python to attempt at a verification myself.

I downloaded the Alexa top 1,000,000 .csv and with a cell phone, so not that easy to understand how it evolves. Alexa top 1,000,000 .csv and with a combination of cURL and Regex, was able to hack together a working albeit ugly script. .

To my left was a time capsule of when long distance car travel in America meant driving through towns instead of using docker is that a Dockerfile is literally a document describing how to take advantage of this is probably the way we know they can’t. When the script finally stopped running (it took about 2 hours to cover 1000 urls) the result was that only 44 of the top 1000 sites that I tested redirected http requests to their domain to https. You can find the time, or the types of schemes used against victims. here .

To be fair, this script only tested the initial landing page. Many of the website is the lingua franca of modern web dev: isolated, re-usable UI components, but for Django.

Still, the SSL turnout is less than stellar. Let’s hope for an increase to the 0.44 percent figure soon.