Explain the warning about this site please


#1

I did an update this week. I’m running Windows 10 and browsing using Microsoft Edge 42.17134.1.0. I noticed today in the URL line when I’m at cartalk, “Not secure” and when I click to get more description, it reads:
“Be careful here
Some content on this page is not encrypted which makes it possible for others to see or change information you share with this site.”
What does this mean practically for posters? Or does it really mean anything? Or is this from some fear-mongers and/or lawyers at Microsoft?


#2

It just means that it is not secured like a banking site so everyone can see what you post logged in or not.


#3

I wonder if that has been displayed for a while and I just saw it or if this is a new “feature” in this particular upgrade.


#4

In the good old days nothing on the Internet was secure (unless you encrypted it yourself).
When people wanted security they didn’t have to think about, Secure Socket Layer was adopted. SSL is an additional layer in the network stack that encrypts traffic. It became so common that even sites that didn’t care about encryption adopted it. It’s a bit like ‘Reg Penna Dept Agr’: people expect to see it, worry when they don’t, even when they don’t understand it. The warning means that some of the traffic from the site isn’t encrypted.

Which means you shouldn’t post any state secrets, valuable personal information, etc. We don’t want to read it anyway.


#5

I would guess the advertisements are not encrypted, which shouldn’t concern you.

BTW, the only thing a Microsoft browser (IE or Edge) is good for us downloading a better browser, like Chrome or Firefox. If you continue to use Edge, expect to encounter problems.


#6

I kinda figured it was something from the lawyers and fear-mongers at Microsoft; in addition, I bet Microsoft has some certificate the website owner can buy to get the “not secure” message to go away, so the fear mongers, lawyers, and sales people must have teamed up on this one. In other words, nothing has changed on the site; it’s the upgrade that’s changed something most likely.


#7

I was really hoping to hear a response from one of the cartalk website people that deal with this crap every day. I figured it was something that changed with the upgrade, not with the site.

As far as the browser I use, I’ve used Chrome some, Explorer, Edge, and a little Firefox. For what I do, I don’t see much difference. If I did more complicated stuff, I might see better aspects of one over another.

At work, I’m more-or-less forced to use the default Microsoft browser, so that’s what I’ve migrated to for non-work stuff. I’m also quite lazy when it comes to computer stuff now - I really don’t want to migrate all my favorites and set up all my accounts (like finding all my passwords) into a new browser. And I don’t know if I want to bother remembering how to do the same things differently.

Anyway, thanks for responding.


#8

Send them a message directly.


#9

Yeah, I did the post because I thought maybe some other users might have the same question or have seen the same thing. I’m very convinced now that it was the update and not the site that changed. I have messaged them directly in the past and they’ve been good about responding.


#10

SSL is an open, independent specification, not owned by anyone. Anyone can get a certificate; there are even free certificates. If you want to follow the rules you can set up a certification service. If you want insurance to cover losses from the cracking of encrypted traffic you need to pay for that with your certificate. I’ve shopped for one for a site I manage.

The deal is that the encryption the site uses is certified by an independent certification organization. When you connect, you don’t just connect to the site but also verify the certificate with the issuing organization. Every site I have seen accepts certificates from every legitimized certificate issuer (legitimized by their own professional organization) - not just from captive issuers. In the beginning there were only independent certifiers. I think Google issues its own certificates these days, but you don’t have to use theirs. I don’t know about Microsoft.

Back when we started doing this, I created our own certificate to test with. It worked, but the browser warned that the certificate came from an unverified issuer.


#11

I have notified the CTC Admin and asked for a clarification. Thanks for making it known.


#12

Just look down 8 posts to one I posted back on 4/23- Unable to establish secure connection

The difference is that my phone browser does not just issue a warning- it will not connect because of the certificate issue…


#13

Hello. Sorry, I wasn’t in the forum very much over the weekend. I missed this at the time, but John brought it to my attention. I don’t know myself, but we can pass this detailed info on and see what the technical support folks know. I’m not seeing the error, so if it’s an issue for many of you, please let me know.


#14

Sites like this are rarely secured. It’s an open forum that anyone can join.

I wouldn’t worry about it.


#15

Are you still seeing it?


#16

Not right now. You must have some security fu-fu dust!


#17

It’s all in the nose-wiggle. Please update the thread if it comes back!


#18

I was wondering what ever happened to Tabitha. Can you wiggle it without using your finger now?

I suppose we need to meet over at the “Bewitched” fan message board…