15 years ago I used to work for the Electronic Frontier Foundation. I’m still a fan and supporter, but sometimes they take really weird positions that is more like a politically correct weird religion cult – and HTTPS Everywhere is an example of that. And they are influencing the web to go along and discriminate against unencrypted web sites, like this one. Google sent me this notification.
Chrome will show security warnings on http://www.dvorak.org
To owner of http://www.dvorak.org,
Starting October 2017, Chrome (version 62) will show a “NOT SECURE” warning when users enter text in a form on an HTTP page, and for all HTTP pages in Incognito mode.
The following URLs on your site include text input fields (such as < input type=”text” > or < input type=”email” >) that will trigger the new Chrome warning. Review these examples to see where these warnings will appear, so that you can take action to help protect users’ data.
I have about 50+ web sites to deal with and I’m just not going to do it. This is a really bad idea and I wouldn’t have a problem with it if it weren’t a tremendous hassle and totally useless.
How about going into a little more detail than ‘that sucks’.
Pretty useless, right up there with cookie warnings that the EU requires. What great security is there needed for your name and email address getting filled out on a form? I’ve got a B2B site collecting valuable leads I need to scramble to get https’d because of this crap.
well..
they have passed that HTML 5 can have DRM.. so whats new??
NO ONE is listening..
Truly futile, up there with treat notices that the EU requires. What incredible security is there required for your name and email address getting rounded out on a shape? I have a B2B site gathering profitable leads I have to scramble to get https’d in view of this poo.
Thanks for repeating David’s/your comment.
I don’t agree, it’s just good practice to use https even if you don’t have a lot of things to protect.
Now with free certificate and auto renew it’s really easy to do it.
I use it on my own website and I’m not a web developer so if I can anyone can.
It isn’t like chrome is going to have a big red intercept or block users from visiting.
What part of their description that the pages are not secure is inaccurate or misleading? It is hardly discrimination, though maybe you mean that in terms of making users more discriminating in the sites they visit?
Seems like you are just whining that you are inconvenienced. You can always set up let’s encrypt to manage the certificates and guarantees to your users that pages nor dns traffic has been tampered.
This site is more and more become the unhinged whining of Marc Pekel. I thought he had his own blog?
Sorry, I don’t agree. I believe that HTTPS Everywhere (and HTTPS in general) serves a worthwhile and valuable purpose and I use it with all my browsers… I have a few simple websites and it was trivial to add it to all them.
A while back I made my personal website HTTPS knowing that this was coming. Fortunately you can get free certificates from LetsEncrypt. It was a pain in the ass getting it working (nginx) but now I only need to run a script to get it to renew every few months. I’d rather not deal with this because nothing on my site involves personal information.
NOT “useless”!
You’re just a LAZY CODER who could give a fuck about anyone else that doesn’t speak Java, C++, HTML, bla, bla, bla. Never mind anything about being SECURE! Guess you side with the NSA and are now “anti-encryption” (cause it’s a pain in your ass to support),
YOU (lazy) MORON!
Marc Perkel takes the Equifax approach to security. The admin password = admin.
You do realize Equifax used https?
What do you have that’s not worth hiding?
Is Dvorak still alive?
I’m confused I don’t know what to do call me stupid call me dumb I don’t care what you say I don’t know what to do I need better instructions please !
https://youtu.be/F5bAa6gFvLs?t=2m33s
No More Secrets, keep in your memory what you need to hide. Writing down information is just sa vulnerable as the info grabbing WWW.
I don’t completely agree. It’s just good practice to use https even if you don’t have a lot of things to protect.
Google wants to help the reptilians get rid of those pesky anonymous websites. Vast areas of the Internet will disappear and need not be indexed. Google has already eliminated old content from the search results.
HTTPS everywhere means old Android devices will not be able to browse to any current website. Planned obsolescence.