Re: [Inkscape-devel] Vectors Meeting - Tomorrow - Possible Postponement

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Re: [Inkscape-devel] Vectors Meeting - Tomorrow - Possible Postponement

Raymond Wan
Hi all,

On Fri, May 10, 2019 at 10:11 AM Ryan Gorley via Inkscape-user
<[hidden email]> wrote:
> Offering a website connection over an encrypted HTTPS path isn't just about protecting credit card numbers or passwords anymore. Encryption protects a visitor from unwanted snooping and tampering by anyone along the worldwide network between that user's computer and the website's host. To illustrate, my ISP began injecting popup notices on my screen without my consent during casual web browsing (only on HTTP sites) when I was approaching their monthly usage limit. I'm sure they are scraping and selling every bit of information about me that they can whenever I visit and interact with an unencrypted site. No doubt the dozens of others (ISPs, employers, governments) who handle my information are doing the same. I don't think there is a great argument to be made for not offering this protection to our visitors if we can--which we do.

I have to admit that I'm not involved in what you're discussing -- I'm
actually just watching the messages come in.  But this thread has gone
on long enough that it caught my attention and I started reading it.

I guess everyone can offer their 2 cents into this discussion.  I
guess encrypted HTTPS will be more and more common in the years ahead
and yes, it might even become the default.  Just a few years ago, I
was running a WordPress-based web site with HTTPS.  Everything was
fine, but *one* unmaintained plugin made it impossible.  (It didn't
accept URLs with "https".)  As time passes, HTTPS will so common that
something like this won't occur.  But I don't think we're there just
yet...  We're in some transition period and I think (as IT
professionals), we have to accept that and just explain it to users.
The fact is, we could have used another plugin; but we did not have
the resources to write a competing plugin to get it working.  I think
I'd be shell-shocked if a user came up to me and said "we didn't care
about them".

I guess we can argue in circles and as someone who isn't involved in
all the great work you all are doing, I shouldn't say too much.  But
allow me to digress with an analogy.  Where I am currently living, I
occasionally see people wrap their fingers with a tissue before they
push an elevator button.  And just recently, I heard of someone who
wipes their kitchen down with alcohol every evening.  Now, perhaps
there is one or two of you that completely agree with them; but
sometimes, I wished some (medical?) professional would come in and say
that the former isn't necessary unless you had an open cut on your
finger (they did not).  Or, s/he should say that a clean kitchen is
great, but daily cleansing with an alcohol will lower one's own
immunity; and that's ignoring the problem of breathing in fumes every
day from disinfectant alcohol.

As for your last sentence in the paragraph above, you said, "I don't
think there is a great argument ... for not offering this protection".
I can think of one, but along the lines of my analogy.  When I see
someone hit the elevator button with a tissue-covered finger, I think
to myself, "I don't think I want to hang around with someone like
that."  (Rest assured, they probably don't want to hang around me
unless they need someone to hit the elevator buttons for them
everywhere they go!)

These two stories aren't exactly the same as HTTPS, but it's what I
first thought of as I skimmed over this thread.  Apologies for the


Inkscape-user mailing list
[hidden email]