

My blog doesn't need HTTPS - elie_CH
http://scripting.com/2014/08/08/myBlogDoesntNeedHttps.html

======
jusssi
This guy is not seeing the big picture. Every time his readers access his non-
HTTPS site, a man-in-the-middle attacker can insert malicious content into the
connection.

------
diminoten
> I've looked into it, and it just isn't worth the expense and complications.

Let's talk about this. What expense, what complications? I, and many others
here, will gladly help you figure it out with not very much fuss (hopefully).

------
dtech
What a bullshit article. They're essentially saying "I don't want HTTPS
because it costs €25 a year and Google is a bad guy for penalizing me."

If sites were still accessed by IP address this guy would be mad at google for
rewarding people for using DNS because he now has to buy a domain name,
dismissing all of the advantages.

The "Google does this so more people will use Google services" argument is
conspiracy-theory-level weak arguing.

 _edit_ : after reading the comments on the blog I was reminded of the free
startssl certs, so it doesn't even cost money

