On 2022-04-06 9:27 a.m., Paul Koning via cctalk wrote:
On Apr 6, 2022, at 9:20 AM, Noel Chiappa via cctalk <cctalk@classiccmp.org>
wrote:
...
I have been told that at one point Google was 'downgrading' results that used
plain HTTP, instead of HTTPS, because they were trying to push people to
switch to HTTPS (this was when everyone was hyperventilating over the Snowden
revelations). Given the near-ubiquitous use of HTTPS these days, I'd have
thought that piece of 'information credit engineering' by our tech overlords
was past its 'sell by' date, and now serves primarily to block people from
finding the material they are looking for (as here).
That's a classic example of a rule invented by people who can't think. In
fact, HTTP is perfectly fine for sites that arenot conducting web-based
business activity. Blogs are a good example, and I know at least one that runs
HTTP for the simple reason that nothing else is needed. Bitsavers is another
example; nothing would be gained by adding all the overhead inflicted by HTTPS.
That's true IF you don't care about malicious content being injected
into the material you're loading over http. "Protecting credit card
numbers" is not the only thing encryption is good for.
Whoooosh and now watch this become the first 400 post off topic thread
of 2022...
paul
