Do you remember when Googlag and other agents of the evil empire conspired to push everyone onto their https scam? A few years ago they updated their browsers to display a "not secure" warning when connected to a non-https compliant site. I had forgotten about this myself, until recently when I shared my blog with someone at a bar. He pulled up my site on his phone and immediately commented that it was not secure. Gasps and whispers could be heard from onlookers, insecure! wasn't whaack just talking about how he was interested in cryptography?
Naively, I responded by trying to explain why one should ignore the browser's warning. But countering ignorance with a wordy rational argument is pointless at best and autistic at worst. My explanation came off defensive. I should have thrown him something out of the blue.
I left the bar wondering: could Goolag & co's scheme be driving away a substantial amount of tmsr readership? On the bright side the https warning may serve as a helpful filter. If you fall for it, God help you. But perhaps there are some confused souls with potential being led astray. The pretense that Googlag gives for requiring https may be convincing to someone who has not yet "negrated" the certificate signing authorities. Think of the children!
Whether the "not secure" warning does more harm (by blocking potential noobs) than good (by filtering out the cluess) is unclear. The problem is that tmsr has no say in the matter. There's no way around this if it's a given that the enemy controls what is displayed on their cattle's screen.1 But so long as they don't modify my site itself, I can leave a little signal on the top left corner of my page.
- I'm sure they would prefer to ban all sites outside of NSABook/Instaspam/Goolag/etc. Apple's walled-garden app store is most of the way there. [↩]