Are there any decent reasons for a government website to not support https in 2021 or is it just incompetence?
 It's All Fucked Shirt $22.14 |
 Ape Out Shirt $21.68 |
It's All Fucked Shirt $22.14 |
Are there any reasons for a government website to not support https in 2021?
there are no decent reasons for any website to not support https in 2012.
Are there any decent reasons for a bureau of meteorology site to encrypt your connection?
imagine getting a MTIM'd weather forecast
It's a good thing that nothing in Australia is important
This. HTTPS is bloat.
because if everything is encrypted (and there's no good reason for it not to be) then the things that do need encryption won't stand out.
Why would it matter if they stood out?
So that that traffic that """needs""" encryption can be more closely monitored.
Also to
's point, just because the information is publicly-accessible doesn't mean it doesn't """need""" encryption. Why should anyone else get to know that I looked up the weather?
Why does it matter if they monitor the traffic if it's encrypted?
If encryption makes monitoring irrelevant, when why shouldn't all web traffic be encrypted 100% of the time to preclude it?
Because most traffic isn't worth monitoring.
Says who, you?
SHALL NOT BE INFRINGED
It's a government website, my man.
That doesn't mean they don't do it anyway.
This is a bit like saying "Well, I won't apply security patches on my computer. I don't need them, I'm unlikely to be attacked." Which is a.) stupid and b.) not even saving you much effort, since you can just run one command. The same is true of using HTTPS.
Also, that chucklefrick says:
>None of those things are my problem. If people don't want to see my site with random trash inserted into it, they can choose not to access it through broken and/or compromised networks.
The internet is a broken and/or compromised network. Which is why anyone who puts a site on it should serve it through HTTPS. In any case, at some point he won't have a choice, browsers will refuse to load it if they can't negotiate encryption.
>This is a bit like saying "Well, I won't apply security patches on my computer. I don't need them, I'm unlikely to be attacked."
I should have expected you were an updooter.
>use https or you will be h4x0r3d
compelling argument
Why wouldn't you? It no longer costs anything and there's no longer any significant speed penalty. It takes a few minutes to set up. Do you lock your doors when you go out? I do. It's unlikely anyone will come and try the knob and steal shit from me if I don't, but so what? It takes five seconds to protect against it.
More like,
>Do you wear a full body disguise and erratically drive to throw off potential surveillance operations when going out in public?
>Why not? You're basically moronic if you don't. And it's free.
frick off glowBlack person you can have a https certificate for free nowadays
>if you don't install this cert, you're going to get mugged
why didn't you use that same logic when taking the vax moron
that very analogy has been used before, and way before the wu flu.
https://scotthelme.co.uk/https-anti-vaxxers/
https is good
vax is bad
simple as
>Do you wear a full body disguise and erratically drive to throw off potential surveillance operations when going out in public
you don't?
i dress as a women in public
j-just in case
>glowie running up to an empty cabin radioing for backup
>the hon is out of the base i repeat the hon is out of the base
>at some point he won't have a choice, browsers will refuse to load it if they can't negotiate encryption.
That will be great. You won't be able to use self-signed certs either because those are A Bad Thing™ so it will be yet another way for people to get deplatformed.
Self signed certificates are a bad thing though because the certificate signing system is secure based on government secured third parties
The only alternative is to have a content management and routing system that doesn't rely on a trusted third party.
Even if you use IPFS to serve your entire website and memechains to change state, users still need to learn that your service exists through a trusted third party.
if your argument is that the CA/PKI system is moronic, that I agree with you on. It was designed by ITU bureaucrats in the 80s and X.509 is actually one of the less-obtuse parts of it, incredibly.
is wrong, the "authentication" provided by CAs is meaningless and never should have been there, and once you've dumped that there's no reason to bother with certs and signing at all. Both sides should just do DH and set up encryption only.
>users still need to learn that your service exists through a trusted third party.
That's called DNS, and we don't need CAs for it.
But, y'know, it's the system we have, and it's easier to route around it with something like Lets Encrypt that admits the authentication is meaningless and just gives anyone an automated cert if they can prove they control the domain. As opposed to replacing it wholesale. (look how that went with IPv6)
I really doubt Let's Encrypt will continue handing out certs to everyone without bias forever. We're already at a point where your browser give you excessive grief over both unencrypted connections and self-signed certs. Once nobody has a choice they'll have all the power. I get very strong early Google vibes from them.
so you can use someone else. Since I happen to still have the tab to that site open, here's two other choices that use the same automation LE does.
https://scotthelme.co.uk/having-a-backup-ca-for-lets-encrypt/
https://scotthelme.co.uk/introducing-another-free-ca-as-an-alternative-to-lets-encrypt/
http://n-gate.com/software/2017/07/12/0/
>serves a page about not supporting connections over https
>while connected over https
It probably doesn't support HTTPS because a lot of old services and programs connect to their servers that haven't been updated to support secured connections.
this is how they hide weather machines
Science is public.
>83628538
jesus christ that glow
https is a meme
Australia's BOM being http only has been a meme for years. I can't believe they don't fix it even if it's just to stop people asking about it.
The crazy thing is they do support HTTPS. They have a server supplying that redirect page on HTTPS.