15 years ago I used to work for the Electronic Frontier Foundation. I’m still a fan and supporter, but sometimes they take really weird positions that is more like a politically correct weird religion cult – and HTTPS Everywhere is an example of that. And they are influencing the web to go along and discriminate against unencrypted web sites, like this one. Google sent me this notification.

Chrome will show security warnings on http://www.dvorak.org

To owner of http://www.dvorak.org,

Starting October 2017, Chrome (version 62) will show a “NOT SECURE” warning when users enter text in a form on an HTTP page, and for all HTTP pages in Incognito mode.

The following URLs on your site include text input fields (such as < input type=”text” > or < input type=”email” >) that will trigger the new Chrome warning. Review these examples to see where these warnings will appear, so that you can take action to help protect users’ data.

I have about 50+ web sites to deal with and I’m just not going to do it. This is a really bad idea and I wouldn’t have a problem with it if it weren’t a tremendous hassle and totally useless.

 



  1. NewFormatSux says:

    How about going into a little more detail than ‘that sucks’.

  2. David Jung says:

    Pretty useless, right up there with cookie warnings that the EU requires. What great security is there needed for your name and email address getting filled out on a form? I’ve got a B2B site collecting valuable leads I need to scramble to get https’d because of this crap.

  3. eca says:

    well..
    they have passed that HTML 5 can have DRM.. so whats new??
    NO ONE is listening..

  4. Truly futile, up there with treat notices that the EU requires. What incredible security is there required for your name and email address getting rounded out on a shape? I have a B2B site gathering profitable leads I have to scramble to get https’d in view of this poo.

  5. Tursiops says:

    I don’t agree, it’s just good practice to use https even if you don’t have a lot of things to protect.
    Now with free certificate and auto renew it’s really easy to do it.
    I use it on my own website and I’m not a web developer so if I can anyone can.

  6. Jeff says:

    It isn’t like chrome is going to have a big red intercept or block users from visiting.
    What part of their description that the pages are not secure is inaccurate or misleading? It is hardly discrimination, though maybe you mean that in terms of making users more discriminating in the sites they visit?

    Seems like you are just whining that you are inconvenienced. You can always set up let’s encrypt to manage the certificates and guarantees to your users that pages nor dns traffic has been tampered.

  7. Jeff says:

    This site is more and more become the unhinged whining of Marc Pekel. I thought he had his own blog?

  8. tom says:

    Sorry, I don’t agree. I believe that HTTPS Everywhere (and HTTPS in general) serves a worthwhile and valuable purpose and I use it with all my browsers… I have a few simple websites and it was trivial to add it to all them.

  9. Rex says:

    A while back I made my personal website HTTPS knowing that this was coming. Fortunately you can get free certificates from LetsEncrypt. It was a pain in the ass getting it working (nginx) but now I only need to run a script to get it to renew every few months. I’d rather not deal with this because nothing on my site involves personal information.

  10. F U says:

    NOT “useless”!

    You’re just a LAZY CODER who could give a fuck about anyone else that doesn’t speak Java, C++, HTML, bla, bla, bla. Never mind anything about being SECURE! Guess you side with the NSA and are now “anti-encryption” (cause it’s a pain in your ass to support),

    YOU (lazy) MORON!

  11. Semantics says:

    Marc Perkel takes the Equifax approach to security. The admin password = admin.

  12. Mr Anderson says:

    What do you have that’s not worth hiding?

  13. airman says:

    Is Dvorak still alive?

  14. Matt says:

    I’m confused I don’t know what to do call me stupid call me dumb I don’t care what you say I don’t know what to do I need better instructions please !

  15. jpfitz says:

    https://youtu.be/F5bAa6gFvLs?t=2m33s

    No More Secrets, keep in your memory what you need to hide. Writing down information is just sa vulnerable as the info grabbing WWW.

  16. I don’t completely agree. It’s just good practice to use https even if you don’t have a lot of things to protect.

  17. Orwell says:

    Google wants to help the reptilians get rid of those pesky anonymous websites. Vast areas of the Internet will disappear and need not be indexed. Google has already eliminated old content from the search results.

    HTTPS everywhere means old Android devices will not be able to browse to any current website. Planned obsolescence.


0

Bad Behavior has blocked 9400 access attempts in the last 7 days.