I wrote an impassioned cri de nerd here about why we risk losing the midterms. I'll spruce it up with hyperlinks and pictures a little later. http://idlewords.com/2018/10/portrait_of_a_campaign.htm …
-
-
I think he wants you to use Https, so downloading from your site is encrypted. I guess cloudflare gives free SSL?
-
I understand the request, but my question remains: what is the problem with plain http here?
-
Without HTTPS, network intermediaries not only get to see what your users are reading, but also inject content (advertising and trackers are popular).
-
An excellent reason to block ads
-
Unstoppable force, meet immovable object.

-
A good post by
@troyhunt shows that even if the security part is irrelevant for you, the performance boost could help:https://www.troyhunt.com/i-wanna-go-fast-https-massive-speed-advantage/ … -
Could help do what?
-
Make your site load faster. This particular article uses few resources (so not a huge optimization target), although HTTPS-only Brotli would shave 30% off the wire size.
End of conversation
New conversation -
-
-
-
I'm pretty confident that malicious forces are not going to intercept and re-write my blog, but I appreciate the concern
-
You're mistakenly assuming that "malicious forces" aren't already intercepting and rewriting your blog. Perhaps you think "why would they target me?" not recognizing that most intermediaries simply inject *into everything*.
-
I don’t like the cargo cult thinking here. Intermediaries inject ads at worst; it’s all blockable on the client side. The KGB will not subtly edit my links. There’s simply nothing wrong about plain http in this context
-
- that's being unfortunately dismissive of some free and excellent advice of a simple and free way you can help improve the web, if you don't mind me saying so. (
@cscottnet ) -
FWIW
@wikimedia is actively working on ways to improve our distribution into "filtered" areas of the world, and HTTPS is still the best solution we've got. Anything wiki-specific would just get blocked if/when@wikipedia is. -
Just like with bundling small monetary contributions to make a big impact, getting everyone on board with "https by default" makes it more likely that folks who actually need end-to-end security will be able to use it without seeming shifty.
-
It's not perfect (eventually https MitM will probably become common) but it's the best we've got right now. And hey! I'm putting my money where my mouth is:https://twitter.com/cscottnet/status/1049872096367665153?s=19 …
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.