
Ask HN: How to get an electic company to got HTTPS? - murphysbooks
I have had several frustrating exchanges with my local utility http:&#x2F;&#x2F;www.btes.net&#x2F; over their lack of https.  How does one get a company like this to listen to sound advice?
======
myworkhandle
There is no excuses anymore when its free from
[https://letsencrypt.org](https://letsencrypt.org). Maybe they need to be
hacked and data exposed?

~~~
murphysbooks
Good news. The customer service rep said they are forwardning my request to
the Networking Team after I shared [https://www.troyhunt.com/heres-why-your-
static-website-needs...](https://www.troyhunt.com/heres-why-your-static-
website-needs-https/) and pointed out how easy it is to steal login info.

A video is worth a billion words.

Hopefully, Networking doesn't blow it off.

------
godot
I also wished voting with your money/feet helped, but probably not the case if
not enough people care.

Fun story, I went to Iceland 2 years ago. When I did research for car rental,
it seemed like car rental companies in Iceland are notorious for ripping you
off/charging you for damage you didn't have etc. I spent hours reading reviews
and came down to only 2 companies that didn't have such reviews out of dozens.

I was about to book with one of them, and only when I was all the way to the
credit card step I realized they weren't on https. And I only found out
because Chrome warned me -- I had just assumed everyone with credit card forms
would be on https. So I stopped there and booked with the other company I
found.

A day later they emailed me (I filled out my email info already when I stopped
at payments), I guess they had drop off tracking. I told them the reason I
didn't book was because they didn't have https. They said thanks and will have
their web team look at it.

Last year (1 year after my trip) I checked their site out of curiosity. The
payments form still didn't have https.

------
Someone1234
Strangely their billing, account login, and similar are via HTTPS. Only their
sign up form remains insecure. This might sound odd but have you considered
writing them a physical letter? Often these bypass their first line technical
support and might be seen by someone who could act (or at least make them
aware of the issue).

------
benj111
You neglect to mention that they also do internet.

And for anyone else, yes they do have account log in.

@OP find another supplier, or if they're a monopoly complain to the regulator.

~~~
murphysbooks
I'll look into the regulator. Thanks.

