https versus http

There is a lot of talk about https versus http, especially in the post-Snowden world.

This article from Dave Winer came across my feed.

In the article, Dave writes:

I want to make it easier and easier for people to run their own web servers. Google is doing what the programming priesthood always does, building the barrier to entry higher, making things more complicated, giving themselves an exclusive. This means only super nerds will be able to put up sites. And we will lose a lot of sites that were quickly posted on a whim, over the 25 years the web has existed, by people that didn’t fully understand what they were doing.

I agree that Google, and others pushing for http to be deprecated, are using scare tactics by saying a site is “not secure”. This may scare off traffic from people who don’t understand what that means.

However, I believe they are doing it for the greater good. Does every site need to be sent over a secure connection? Does my blog? No, not really. But I don’t want people, or more importantly the government, snooping in on your, or my, traffic – what we do, where we go, or what information we send or request.

I’ve written about security and privacy before. It’s something I’m passionate about, and want others to be passionate about, too. SSL and https are important. If you’re setting up a new website, app, or service, and your debating https versus http, I urge you to use it.

In some cases obtaining an SSL certificate to make your site or app https can be very inexpensive, or even free. Setting it up can be difficult depending on your level of tech savviness, but it’s well worth the effort, or cost of having your hosting provider assist you in setting it up.