People searching “Bureau of Meteorology Adelaide forecast” on Google, or who navigate directly to a bureau web page, may get a redirect message advising: “The Bureau of Meteorology website does not currently support connections via HTTPS. You will shortly be directed to http://www.bom.gov.au.”

After a short wait the page usually does redirect for the latest forecasts – but goes to the national homepage rather than the state-specific forecast or radar page users were trying to navigate to.

HTTPS – Hypertext Transfer Protocol Secure – establishes a far more secure internet connection via encryption for privacy compared to the old internet standard Hypertext Transfer Protocol (HTTP).

Internet expert, University of Adelaide Fulbright Distinguished Chair in Cyber Information Influence, Professor Christopher Bronk, said it was time the BOM upgraded its system.

“HTTPS is much more secure and while there is a cost to it, it became the global standard years ago,” he said.

“It is not the end of the world, but if other federal and state websites are moving to it, it makes sense to become more secure and won’t cost a fortune.”

Prof Bronk noted the improved security would help ensure people were not redirected to unauthorised websites.

The BOM was contacted but were unable to supply a statement before deadline.

The redirect message sparked a flurry of posts on discussion forum sites including Reddit two years ago from people asking why it was occurring.

“BlueOdyssey” responded: “Know someone there: actual answer is that there are so many other systems that scrape that website that are not compatible with HTTPS requests. Would be too difficult to update the primary site to enforce it as it would break quite a few integrations.”

Juvey88 said he did IT security work “and I can tell you some of the stuff out there is like 30+ years old. Some of this legacy stuff barely supports IP let alone HTTPS.”

Others were more blunt such as MicroeconomicBunsen who posted: “Because it’s a stupid old as system that has an incredible amount of red tape involved in any change.”

Whirlpool Forums had a robust discussion underway last year with “Duty Technician” posting: “BOM is chronically underfunded across all its operations including its website. The site is still http only and many browsers throw warnings now when you go to a non-https URL.

“No doubt a https upgrade is on their wish list. What makes it even worse is the BOM radars are the most viewed gov.au websites during the summer storm seasons.”

Meanwhile the Australian National Audit Office reportedly has revealed the BOM has been using hundreds of millions of dollars meant for maintenance of its ageing weather observation systems to instead cover cost overruns and a deteriorating financial position.

It is failing to meet its maintenance targets and there are “extreme” risks of radar failure.

More Coverage

‘Operation clean-up 2.0’: The plan to reopen the Gold Coast

Paul Weston, Charlton Hart, Rosie Gale, Robert White and Andrew Potts

BOM apologises after ‘test’ tsunami warning causes confusion

Tayla Couacaud

Originally published as Grey page of death: Bureau of Meteorology website crippled by ancient tech