Getting "insecure internet connection" warnings in all the threads

Have to do this quickly -

On all thread pages I’m getting an “insecure internet connection” warning. This is the only website where I’m getting this warning.

?

Perhaps related to this:

What URL are you using to access the board? It should start with http and not https. If you are using https, we’ve never implemented the proper security certificate to make that work and you’ll get the error that you describe.

I literally don’t see http or https on this forum now (or even www). Isn’t that weird?

Looking around, I see https on reddit but nothing on the PC World site (except www) and another site I’m on. I might not need to care about the other sites as I don’t have accounts on them.

I noticed an insecure connection with various sites recently. Using Chrome, many sites have a green padlock symbol left of the URL bar, signifying a secure connection (HTTPS I think). Others, though, have an “i” symbol in a circle, which if clicked on reveals that “Your connection to this site is not secure”. This includes major websites like CNN and BBC. BBC has a blog post about the reasons why they are still using HTTP here.

While visiting the Straight Dope, there is an additional “Not secure” message spelled out to the left of the URL bar. Once logged in, it reverts to the “i” in a circle symbol. I presume the added text warning is there because there’ a login and password field on the page.

Cool - thanks.

Yeah - I get the tiny lock symbol with a red line through it (up in top left of url bar)

So this officially “Computer Dumb” (trademark) Firefox user doesn’t need to worry about this unless I post my password and mc # in one of these lucky threads, then?

Depending on the browser and version, it may or may not be available to avoid overloading people’s tiny minds.
Back around 2011 poor pathetic Chrome took out the prefix http://, so of course in the effort to make themselves redundant, Mozilla copied Chrome:
*
Mozilla follows Chrome and Opera, removes http:// protocol and trailing slash by default in the location bar for user friendly and better readability, *

Techdows which also gives the about:config to fix this problem

However, in Google’s unceasing attempt to control and make the Web less useful, in 2014:
*Google, having removed the age-old, comfortable-like-an-old-pair-of-socks http:// from the beginning of URLs in Chrome’s address bar, is now trialing an even more drastic move: Killing off the URL entirely. In a new version of Chrome, the full URL vanishes from the address bar, instead replaced by an always-present “Search Google” box. This is obviously a play to drive more search traffic — but, as much as it pains me to say it, it’s probably a very good way of helping most users avoid phishing attacks.
*

Extreme Tech

Alphabet-Google really are utter crap.
From the same:
You can also still click in the address bar and use Ctrl-L to select the full URL (it triggers the same cutesy animation). Basically, if you know what you’re doing — if you know that the origin chip is a button — then the change isn’t all that bad. The problem, of course, is that most users probably won’t realize that it’s a button. Likewise, while there’s a config option for power users who prefer to always see the URL — chrome://flags/#origin-chip-in-omnibox — it isn’t something that your mom or pop would change.
I dunno how to change that because I just use an ancient version of IceCat for most browsing. Although for this site I use the current hideous version of Chromium.
No problems yet.

If any Nigerian princes contact you through the Straight Dope offering a share of a great fortune locked in a frozen account in return for a small up-front payment, then be aware that there might be some risk in this venture, due to the vulnerabilities of passing sensitive information, such as bank account details, over an insecure HTTP connection.

Darn - I think some :stuck_out_tongue:TruthSeeker2:stuck_out_tongue: person contacted me before I read your post, and, well…

Done. Now says http://

I’m disappointed in that. Although I suppose I’m not surprised. Young users these days don’t even know how to hide their search history. (A friend’s kid got in trouble for that the other day. They still don’t realize how they got caught.)

There is no way that hiding the URL of the site makes you less prone to phishing attacks. Checking the URL is how you know if you’re on the right site. Having “Search Google” up there means you can easily redirect them to wherever.

I also see no sign that Chrome actually implemented this. They would be incredibly stupid to do so.

As for removing HTTP, it actually makes me laugh a bit. Because they’re now trying to push everyone to HTTPS. Having HTTP appear but not HTTPS would be useful for this.