Quote (krazi_mofo111 @ Mar 24 2011 03:15am)
HTTPS requires heavy server side computation and would likely affect site performance... the SSL encryption algorithms essentially double page load times. Voting No. You shouldn't log on from unsecured locations anyway.
Also, the only thing HTTPS would prevent is cookie jacking on JSP. All credit card transactions etc. are handled by 3rd parties who use encryption. That said, if you get cookie jacked, it's your own damn fault. You shouldn't be browsing from an unsecured wifi network.
HTTPS should be an option, not necessarily a requirement. I don't believe HTTPS would affect site performance, this isn't the 90's. With the advancements in broadband and browser technology no one with a Cable/Fiber, DSL or mobile broadband connection would notice a difference.
If someone gets cookie jacked it isn't the end users fault, it is the person jacking cookies who is at fault as they are initiating malicious actions. Not everyone has the convenience of being in the comfort of their home every time they are browsing jsp so blaming potential victims because "hackers" exploit their unsecured situation doesn't make sense.
There is no real downside to HTTPS, I don't know how anyone could be against it. The benefits of a secure connection when logging in and making forum gold transactions outweigh any potential performance issues.
Here is a study done comparing the two (HTTP, HTTPS (40 bit) & HTTPS (128 bit):
http://www.cs.nyu.edu/artg/research/comparison/comparison_slides/sld017.htmThere is of course cases like these:
https://www.eff.org/deeplinks/2011/03/iranian-hackers-obtain-fraudulent-httpsThis post was edited by killgoreisleet on Mar 24 2011 02:37pm
Guests cannot view or vote in polls. Please register or login.