This week's giveaway is in the Spring forum.
We're giving away four 3 month subscriptions to Marco Behler Videos and have Marco Behler on-line!
See this thread for details.
Win a 3 month subscription to Marco Behler Videos this week in the Spring forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Life is about to get harder for sites without https  RSS feed

 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 37051
507
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I read this recently. The ranch uses https so we are good. I'm wondering if this is a good idea. Does everything really need to be https? If I'm checking the weather is that a secret?

Also, some sites have cert troubles as browsers upgrade or certs expire. So I'm wondering if this will mean more broken sites.

Life is about to get harder for sites without https
 
Tim Moores
Saloon Keeper
Posts: 3771
78
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
(Jeanne, I took the liberty of changing "with" to "without" so as not to confuse people :-)

If I'm checking the weather is that a secret?

People have different levels of perceived privacy and security needs. You may not mind, but someone else may not want other people to know for which cities she checks the weather. And in the ever more numerous public WLANs it's easy for other people to snoop on unencrypted traffic. Given how easy it is these days to set up HTTPS, and how little overhead it actually creates, I think this is a good path to take.
 
Ron McLeod
Saloon Keeper
Posts: 1530
210
Android Angular Framework Eclipse IDE Java Linux MySQL Database Redhat TypeScript
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Jeanne Boyarsky wrote:... Does everything really need to be https? If I'm checking the weather is that a secret?

I think it is less about privacy and more about ensuring that the integrity of the site's content, that it has not been altered en-route or had malware injected through a MITM attack, and as a protection against interacting with a rogue site after being directed there by DNS hijacking or some other means.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!