Http(S)://Jow Forums.org

How come typing in simply "Jow Forums.org" results in a non-secure, unencrypted http connection? Is this some kinda set up?

Attached: what-is-http.jpg (800x462, 217K)

Other urls found in this thread:

istlsfastyet
twitter.com/SFWRedditVideos

i guess because they use both http and https
*shrugs*

*shrugs sphincter*

install "https everywhere" u securitylet

If you're afraid of some state actor coming for you because of something mean you said on Jow Forums, the problem is the state actor rather than Jow Forums.

Attached: come and honk it.jpg (640x427, 18K)

Jow Forums-x gives you the option to automatically redirect to https too. Always use HTTPS. Especially on public wifi. Not just because people can snoop on your posts and laugh at how pathetic you are. It also evades a lot of content filters.

>request the non-encrypted version of the site
>get the non-encrypted version of the site
>WOW

Yes, that is simply how it is set up.

this

yes it is botnet you found out

if you have nothing to hide you have nothing to fear

Do you think it is set up this way for a reason? Wouldnt it be easy to change it?

Use the HTTPSEverywhere add-on you autist.

Weak bait

lmao nice try

You know being here gets you on every major nation-state's potential right-wing terrorist and potential pedophile lists, right?

They would have to make special notes for me being a potential left wing terrorist instead and hostile to pedophiles.

>prevent ISPs injecting their ads into pages
>bypass shitty content filters blocking URLs by keyword
>people cant see what you post
>>>nothing to hide
and everything to gain

Https Everywhere is botnet. Every url u visit will be submitted to SSL Observatory for whitelist checking. The whitelist is outdated and very selective. Not every website that supports https get included into the list.

Use SmartHttps instead

>not being able to type >> within 2 seconds

a good thread died because of this

>botnet everywhere
imagine willingly installing an extension that scans every url you browse and checks it to a database of sites

Works on my machine. Maybe don't use a shitty browser.

Does nobody have a more indepth tech-related explanation to this?

it's because hiro is retarded

Me: firefox on android

It's not set up to default to HTTPS. There's nothing else to say.
It's not relevant since we're not doing any transactions here that anyone would want to MITM.
>Hey let me spoof Jow Forums so he's shitposting to me rather than to everyone else like he thinks!

20 years ago SSL wasn't common.

>>It's not relevant since we're not doing any transactions here that anyone would want to MITM.
you don't need a justification for an encrypted connection. It should be not just the default but generally the only option. On the modern web you need a justification - and a damn good one, of which there aren't many - to use an unencrypted protocol.

HTTPS Everywhere is made by EFF. I trust them over some random "company".

Sorry, but HTTPS has additional overhead. Thus you need a reason to encrypt. Unencrypted is the default.

Exactly.

Unfortunately for you, "I'm just pretending to be a Nazi" and "I just come to these threads to post Spiderman pictures" are standard-issue excuses, and governments know better than to believe them.

EFF is NSA shill. You've been tricked to put your trust on them as the """good guys"""

Seriously, ask yourself what is so good about EFF? What are their contributions to security and privacy other than offering a few shitty extensions and scaremongering.

Even TOR browser includes Botnet Everywhere by default.

Be suspicious. Be very very suspicious.

>>Sorry, but HTTPS has additional overhead.
This was an argument back in 1997 when your webserver was a Pentium 2. It's not an argument now. AES-NI has been a thing for literally a decade. TLS adds no noticeable performance burden.

More info, including from people who unlike you actually run web servers:
istlsfastyet

EFF has been fighting for our digital freedoms. They have a proven track record of their accomplishments. Which you can go and look up yourself. Seriously, EFF *are* the good guys.

The SSL Observatory feature doesn't even exist anymore, and it was opt-in before they axed it.
(Good bait though, actually made me check.)

*add a .com to that, oops