HTTP Forever

The web is getting more and more secure, which is good news given all the data breaches, malware, ransomware, and other cyber security incidents that are littering the news these days (or at least, my news feed, but that could be of the blogs that I follow!).

I suppose I should be more specific, and what I really mean is that more and more websites are using secure HTTPS connections, as they well should do.  I’ve written before about why your website should be secure and that HTTP is dead.  But there’s plenty of data out there to show this to be true.

So why my seemingly counter blog post today?

Well I’ve been travelling a bit more recently, and that means unfriendly wifi.  And by unfriendly, I generally mean hotel/airport/cafe wifi.  Not necessarily unfriendly, I certainly appreciate having access to it, but it’s hard to really know if you can trust it.  What they really love to do is have those redirects where you log in, give them your email address (possibly room number, if it’s a hotel) and sign up to whatever they say just to get connected.  However, if you try this with a secure (HTTPS) page you simply get a error screen in modern browsers warning you about dodgy certificates, which isn’t very helpful (don’t ever click through these).

In this case, head over to HTTP Forever, which as the name suggests, is a deliberately non-secure website.  It’s shipped over HTTP and therefore the wifi can intercept and redirect you to their landing page.

Once successfully connected, I’d recommend utilising a VPN, just in case it really is unfriendly wifi.