Off topic but relevant post. Do you run a website?

[Mr Robot]

I apologise for this being off topic but a lot of the Atari 8-bit websites I visit will be impacted by this and I expect most of the owners are members here and I wanted to give everyone who might not have seen it a heads up.

 

As of July 2018, Google will continue its mission to make the entire web secure by marking any http website as insecure.

 

This means that if you run a website and it's not using ssl, any visitors to your site will be told that the site is insecure and the url bar will say "Not Secure" before the address. This is just the first step, the next step is to warn people and force certificate creation locally if the site is still insecure. They did this last year to sites that allowed logins or accepted payments and in January switched on the warning/cert page.

 

Safari and Chrome browsers will be affected by this, not Firefox or Edge.

 

Free website certs are available, so are free personal (ie email) certs so if you run a website and you haven't already moved to encrypt it, I'd start thinking about doing it now.

 

Again, sorry for the off topic!

 

[squonk]

https://letsencrypt.org/has worked for me as a source of free website certs. Later this month they will be offering free wildcard certs, that will work for all addresses in a domain. Just FYI.

[gozar]

I put my personal sites behind Cloudflare and use their SSL. Easy as pie: https://gtia.com

[+Nezgar]

This site (atariage.com) actually has functional HTTPS, but if you use it most links on the site will redirect you back to plain HTTP. Something for the admins to consider.

[Mr Robot]

https://letsencrypt.org/has worked for me as a source of free website certs. Later this month they will be offering free wildcard certs, that will work for all addresses in a domain. Just FYI.

 

yep, thats who I use, getting that to work with NameCheap was a pita. Having to renew every 90 days is the only limitation.

[+CharlieChaplin]

This site (atariage.com) actually has functional HTTPS, but if you use it most links on the site will redirect you back to plain HTTP. Something for the admins to consider.

 

Thanks to this it works with the A8 and the Dragoncart (tested it). Make it full https and it does not work with Dragoncart anymore...

[+Nezgar]

Nothing saying the site has to force HTTPS.. In this case it would be nice if I choose to connect via HTTPS that links don't downgrade me, and vice versa.

[Fred_M]

I use letsencrypt for my atarimuseum.nl and rewindgames.eu websites. It integrates perfectly in Wordpress and Opencart. The 90 day limit is absolutey no problem. The certificates are renewed every 90 days automatically. You don't have to do anything yourself

[ivop]

Forcing every website to go https is absurd. A lot of static pages don't need encryption and with encryption they are no longer cached and will lead to increased bandwidth usage. Not to mention all the wasted CPU power for useless encryption and decryption... But yeah, this is off-topic

[flashjazzcat]

Wasn't aware of these changes but I thought I might as well fix my site up in advance. Isn't taking long but it does seem rather unnecessary.

[carlsson]

Nezgar: Albert is fully aware of the https issue, and has some explanations here: http://atariage.com/forums/topic/272561-insecure-password-warning-in-firefox

[Mr Robot]

Here are the Google security advisories

 

https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html

 

https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html