If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(The Next Web)   In bid to prod sites to not get so damn hacked all the time, Google's updated search algorithm now prioritizes secure HTTPS pages over plain old HTTP pages   (thenextweb.com) divider line 20
    More: Interesting, HTTP Secure, Google, web sites, search results, runs test  
•       •       •

404 clicks; posted to Geek » on 07 Aug 2014 at 10:53 PM (6 weeks ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



20 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest
 
2014-08-07 10:23:32 PM
Do they check to make sure HTTPS isn't being secured by ROT13 encryption?
 
2014-08-07 11:00:47 PM

abb3w: Do they check to make sure HTTPS isn't being secured by ROT13 encryption?


I prefer R2D2 encryption.
 
2014-08-07 11:09:31 PM
It's only semi relevant.  I tried chrome's "https everywhere" extension. I don't know how well it performs really, because shortly after I signed up for Amazon Prime as a trial, and it crashes Silverlight when trying to stream their content so I turned it off.

/fyi-ish
 
2014-08-07 11:22:26 PM
Is HTTPS even necessary on a site that I never bothered to create a login to.

If HTTPS is prioritized, am I going to get a bunch of results that want me to create a login before I can view their content.

// not every damned site needs to have a password. No I don't want to join your community.

// And while I'm here on my soapbox, no I don't want your android app either.
 
2014-08-07 11:23:03 PM
This is good, but it's designed to solve a different problem. HTTPS only protects against someone sniffing the wire. That's a good thing in today's widespread public wifi world, but it won't protect your default Wordpress admin page sitting there with the default password, your router sitting there with a telnet port open to the world, nor your password database stored in a CSV file. Just as using an armored truck to haul your cash won't help if they just drop it off on the street corner in front of the bank.

I love the sites that throw out things like "we use SSL/HTTPS to protect your security!" OK, great, you're protecting it in transit, how about when it gets where it's going?
 
2014-08-08 12:23:54 AM

strangeluck: abb3w: Do they check to make sure HTTPS isn't being secured by ROT13 encryption?

I prefer R2D2 encryption.


I prefer ROT26. It's twice as good as ROT13. :p
 
2014-08-08 12:26:22 AM

lordargent: Is HTTPS even necessary on a site that I never bothered to create a login to.

If HTTPS is prioritized, am I going to get a bunch of results that want me to create a login before I can view their content.

// not every damned site needs to have a password. No I don't want to join your community.

// And while I'm here on my soapbox, no I don't want your android app either.


Are you willing to take a survey?
 
2014-08-08 12:43:06 AM

abb3w: Do they check to make sure HTTPS isn't being secured by ROT13 encryption?


I know I'm seriousing a joke here, but even shiatty security keeps the most unserious of attackers away. It's better than nothing.
 
2014-08-08 01:57:35 AM

abb3w: Do they check to make sure HTTPS isn't being secured by ROT13 encryption?


I'm going to guess this sentence makes sense to someone out there, and just not to me. You mean the padlock is just a lie? I feel so betrayed. Next your going to tell me the NSA is spying on people...
 
2014-08-08 02:49:02 AM

doomjesse: abb3w: Do they check to make sure HTTPS isn't being secured by ROT13 encryption?

I'm going to guess this sentence makes sense to someone out there, and just not to me. You mean the padlock is just a lie? I feel so betrayed. Next your going to tell me the NSA is spying on people...


Rotie, as in Rottweiler encryption.
 
2014-08-08 03:39:08 AM

mamoru: strangeluck: abb3w: Do they check to make sure HTTPS isn't being secured by ROT13 encryption?

I prefer R2D2 encryption.

I prefer ROT26. It's twice as good as ROT13. :p


ROT26 is nice, but I'm still fond of D20, outdated as it is.
 
2014-08-08 04:08:44 AM

lordargent: Is HTTPS even necessary on a site that I never bothered to create a login to.

If HTTPS is prioritized, am I going to get a bunch of results that want me to create a login before I can view their content.

// not every damned site needs to have a password. No I don't want to join your community.

// And while I'm here on my soapbox, no I don't want your android app either.


No.  Just....no.
 
2014-08-08 05:42:45 AM

ArcadianRefugee: mamoru: strangeluck: abb3w: Do they check to make sure HTTPS isn't being secured by ROT13 encryption?

I prefer R2D2 encryption.

I prefer ROT26. It's twice as good as ROT13. :p

ROT26 is nice, but I'm still fond of D20, outdated as it is.


Anything where we don't have to manually calculate THAC0 is a plus in my books.
 
2014-08-08 08:19:36 AM

lordargent: Is HTTPS even necessary on a site that I never bothered to create a login to.


Depends what you mean by necessary. Without HTTPS any step on your requests journey can see what you are looking at, and then censor it, or alter it (for example inserting ads or even scripts) and neither you nor the server that answered the request will know something has changed en route. Encrypting the communication between you and the server makes it very difficult to do this in most scenarios.

If HTTPS is prioritized, am I going to get a bunch of results that want me to create a login before I can view their content.

HTTPS doesn't mean you need a login, although if you have a login you almost certainly want HTTPS.
 
2014-08-08 08:26:39 AM
so what??   our Freedom Fighters (NSA, etc) can crack HTTPS anyway.


pointless.
 
2014-08-08 10:16:48 AM

BumpInTheNight: ArcadianRefugee: mamoru: strangeluck: abb3w: Do they check to make sure HTTPS isn't being secured by ROT13 encryption?

I prefer R2D2 encryption.

I prefer ROT26. It's twice as good as ROT13. :p

ROT26 is nice, but I'm still fond of D20, outdated as it is.

Anything where we don't have to manually calculate THAC0 is a plus in my books.


I prefer magic and just bypass encryption completely.
 
2014-08-08 10:19:30 AM
The issue that I have with this is that it will exacerbate the IPV4 address shortfall. If every mom and pop shop now thinks that they NEED to have https in order to show their store hours, I feel bad for their hosts. A dedicated IP address for every account/site will start to become an issue.
 
2014-08-08 12:51:44 PM

xria: Without HTTPS any step on your requests journey can see what you are looking at, and then censor it, or alter it (for example inserting ads or even scripts) and neither you nor the server that answered the request will know something has changed en route.


My thinking is ... if I'm reading a random news site, and I'm blocking javascript anyway. Does it really matter?
 
2014-08-08 04:09:20 PM

BumpInTheNight: ArcadianRefugee: mamoru: strangeluck: abb3w: Do they check to make sure HTTPS isn't being secured by ROT13 encryption?

Anything where we don't have to manually calculate THAC0 is a plus in my books.


I always liked THAC0.  Opinions varied.

Blink182 was popular, for a while.
 
2014-08-08 09:59:00 PM

Linux_Yes: so what??   our Freedom Fighters (NSA, etc) can crack HTTPS anyway.


pointless.


I thought that, at least according to Snowden, properly implemented crypto is still good.  At any rate, SSL is just another tool, and if you can do a man in the middle attack you really don't need to be the NSA to circumvent it.  Not a bad thing to have, though.

Mattix: The issue that I have with this is that it will exacerbate the IPV4 address shortfall. If every mom and pop shop now thinks that they NEED to have https in order to show their store hours, I feel bad for their hosts. A dedicated IP address for every account/site will start to become an issue.


It's actually not necessary to use a dedicated IP for each SSL site, thanks to SNI. It seems to be supported by most modern browsers, so it's probably a safe bet.  On the other hand, IPV6 would be nice too.
 
Displayed 20 of 20 comments

View Voting Results: Smartest and Funniest


This thread is closed to new comments.

Continue Farking
Submit a Link »






Report