09-01-2018, 06:21 AM
GeneL wrote:
[quote=Sarcany]
[quote=GeneL]
Thank you "The Tominator!"
Your explanation was really great and I can see that it makes perfect sense, something that is pretty rare, nowadays.
It may make sense, but it's BS at this point.
Just not true anymore.
Any of it.
mattkime knows how it works.
They use SSL for the macsales.com web site. Adding another cert when you're already set up for it is hardly a burden at all.
There is a monetary cost involved if they buy a new SSL cert. Not much.
My guess is that the only reason that it hasn't been done yet is that to get it done they'd have to designate someone to take a little time out of his work-day to do it and that one person on the premises who has the expertise is probably busy doing stuff that's more important to the core business.
Happens that way with little side projects in business all the time. Frequently, I'm the one person. When prodded, my usual response is "Don't worry. I'm on it." And I am on it. It'll get done as soon as nothing else is pressing.
That's really interesting. If that's true, then wouldn't we all benefit from the added security?
We would all potentially benefit.
But there's a balance to be struck. There's no pressing business-purpose and no profit to be made from flipping on encryption. This forum is a charitable enterprise.
And the greatest risk from not encrypting is to you, not to OWC. If you log in from a coffee shop or other public hot spot without encryption, some kid or other malfeasant could hijack the session and steal your password. If it's a password that's unique to this forum then that kid could then impersonate you. If you use the same password everywhere then that kid owns all of your accounts.
But that's all on you, not on the forum-management.
I'm sure that SSL is somewhere down on their "honey-do" list. Give them some time.