(RESOLVED) Will it ever be implemented? HTTPS
Discussion
sunbeam alpine said:
Is it a big problem? The login/password combination I use is only for here and the e-mail address linked to it is only used for this site.
Yes, it's become essential. The bar to stay secure is always being raised.No excuse for not using it in this day and age. I even use a self signed CA for sites I haven't deployed because there's no point developing against HTTP.
rscott said:
All that jazz said:
RacingPete said:
It hit a bottle neck on ad serving which is currently being resolved with a January deadline.
11 days to go Pete. Can't wait! 
Is there a fixed date for the Chrome warnings?
Here https://security.googleblog.com/2016/09/moving-tow...
Tbh I don't especially care about it myself as I work in IT so do all the sensible stuff like random passwords.
My concern is, respectfully, the 95% or whatever it is of people who lurk here who use the same password everywhere etc.
I'd be far more interested in how my details are stored and secured than I am in https personally as sending over SSL is kind of academic if they're stored in plain text at the other end without adequate security controls.
Tbh I don't especially care about it myself as I work in IT so do all the sensible stuff like random passwords.
My concern is, respectfully, the 95% or whatever it is of people who lurk here who use the same password everywhere etc.
I'd be far more interested in how my details are stored and secured than I am in https personally as sending over SSL is kind of academic if they're stored in plain text at the other end without adequate security controls.
b
hstewie said:
hstewie said: I'd be far more interested in how my details are stored and secured than I am in https personally as sending over SSL is kind of academic if they're stored in plain text at the other end without adequate security controls.
But not using HTTPS for logins surely tells you all you need to know about the backend storage strategy at this point in time 
randlemarcus said:
But not using HTTPS for logins surely tells you all you need to know about the backend storage strategy at this point in time
Again, from a selfish POV I don't care, I've never sold anything here, all they have is a username, a unique password, and an email address and I post enough st that I don't think they could do much to harm my standing here I just find the thread an interesting exercise in customer service and communication.
bhstewie said:
hstewie said:randlemarcus said:
But not using HTTPS for logins surely tells you all you need to know about the backend storage strategy at this point in time
Again, from a selfish POV I don't care, I've never sold anything here, all they have is a username, a unique password, and an email address and I post enough st that I don't think they could do much to harm my standing here I just find the thread an interesting exercise in customer service and communication.
Dan_1981 said:
bhstewie said:
hstewie said:randlemarcus said:
But not using HTTPS for logins surely tells you all you need to know about the backend storage strategy at this point in time
Again, from a selfish POV I don't care, I've never sold anything here, all they have is a username, a unique password, and an email address and I post enough st that I don't think they could do much to harm my standing here I just find the thread an interesting exercise in customer service and communication.
I'm not holding my breath tbh.
The lack of SSL shows the contempt the owner has for the readership. The constant censorship, evicting of very useful and interesting people just because they call an idiot out, the force feeding of adverts and lack of security demonstrates exactly where PH has gone. It's why most of the interesting conversations have gone elsewhere.
Kevin Costello is the Publishing Director - I bet he's careful when he uses on-line services to make sure he's using an SSL connection !
The lack of SSL shows the contempt the owner has for the readership. The constant censorship, evicting of very useful and interesting people just because they call an idiot out, the force feeding of adverts and lack of security demonstrates exactly where PH has gone. It's why most of the interesting conversations have gone elsewhere.
Kevin Costello is the Publishing Director - I bet he's careful when he uses on-line services to make sure he's using an SSL connection !
Gassing Station | Website Feedback | Top of Page | What's New | My Stuff