←back to thread

Web page annoyances that I don't inflict on you

(rachelbythebay.com)
569 points todsacerdoti | 1 comments | 05 Jan 25 01:54 UTC | HN request time: 0s | source
Show context
imoreno ◴[05 Jan 25 02:56 UTC] No.42599386[source]
I agree with most of this. If every website followed these, the web would be heaven (again)...

But why this one?

>I don't force you to use SSL/TLS to connect here. Use it if you want, but if you can't, hey, that's fine, too.

What is wrong with redirecting 80 to 443 in today's world?

Security wise, I know that something innocuous like a personal blog is not very sensitive, so encrypting that traffic is not that important. But as a matter of security policy, why not just encrypt everything? Once upon a time you might have cared about the extra CPU load from TLS, but nowadays it seems trivial. Encrypting everything arguably helps protect the secure stuff too, as it widens the attacker's search space.

These days, browser are moving towards treating HTTP as a bug and throw up annoying propaganda warnings about it. Just redirecting seems like the less annoying option.

replies(10): >>42599423 #>>42599448 #>>42599461 #>>42599916 #>>42600279 #>>42601148 #>>42605479 #>>42605998 #>>42609172 #>>42627972 #
throwaway58670 ◴[05 Jan 25 11:42 UTC] No.42601148[source]
Some old-enough browsers don't support SSL. At all.

Also, something I often see non-technical people fall victim to is that if your clock is off, the entirety of the secure web is inaccessible to you. Why should a blog (as opposed to say online banking) break for this reason?

replies(2): >>42602791 #>>42607644 #
donatj ◴[06 Jan 25 04:22 UTC] No.42607644[source]
Even older browsers that support SSL often lack up-to-date root certificates, which prevents them from establishing trust with modern SSL/TLS certificates.
replies(1): >>42609286 #
1. robinsonb5 ◴[06 Jan 25 10:17 UTC] No.42609286[source]
Fairly recently I attempted to get an (FPGA-emulated) Amiga, a G4 Power Macintosh running System 9.2, and a Win2000sp4 Virtual Machine online (just for very select downloads of trusted applications, not for actual browsing). It came as a huge surprise to find that the Win2K VM was the biggest problem of the three.