advert warning

r ranson wrote:Thanks, I'm getting something like that too.  I've sent up the bat signal.

Pro tip: If you start a new thread in the tinkering forum (instead of posting to an existing thread), it will send an email to all the senior staff.

r ranson wrote:Do we know which banner ad is causing this issue?

r ranson wrote:This is a great mystery.  Thanks for the morning puzzle.

We can see that the https version of that site doesn't work because it's built for http.  (I don't know what that means).

If I use http I get the page.  If I use https I get the error.

example
https://www.stoves2.com - error
http://www.stoves2.com - works.

So I went to the place where the banner ads live.  Did several search things and I could find several with the http link, but I couldn't find any with the https link.  (I've passed it on to someone who understands computers incase I looked wrong)

So the question for you - is it possible your computer is trying to help by anticipating you want to go to an https link when it should be going to an http link?  And how would we test this?  

r ranson wrote:This is a great mystery.  Thanks for the morning puzzle.

I am pretty sure you solved it, great detective work, R!!

We can see that the https version of that site doesn't work because it's built for http.  (I don't know what that means).

If I use http I get the page.  If I use https I get the error.

example
https://www.stoves2.com - error

I clicked on the above link, the dastardly extra S one, and got the same warning from my VPP. Way to go, Sherlock Ranson!!!

M Rives wrote:Skip this unless you want to know more about httpS vs. http web pages

As Artie Johnson used to say, "Verrrrrry interesting!" but he was being sarcastic whereas I am not. This is very interesting. And obviously I was flat out WRONG about there not being any https web pages or is that webpages?


Just FYI, the httpS means that your connection to the web site is Secured by encryption. This is very important if you are doing anything you don't want others to be able to see. For example, filling in a form with your credit card info.

There is a move toward making all web browser connections secure using https so at least some web browsers will default to using https. For example, if you just type somewebpage.com in the address bar, your browser will automatically try to go to https://somewebpage.com where it used to go to http://somewebpage.com.

In this specific case, the real content is at http://www.stoves2.com (which then points to http://www.woodburningstoves2.com). The weirdness happens because there is also an httpS://www.stoves2.com. The problem is with the security of the https page.  In order to prove the connection is secure, the web page needs the right credentials (called a certificate) which must be purchased from a known legit source. https://www.stoves2.com has a security certificate, but they created it themselves rather than purchasing it from a known source. This means the connection is encrypted and cannot be eavesdropped by anyone but it does not provide any assurance that the web site is who it claims to be, hence the warning of an insecure site.

Terry Byrne wrote:
Does this mean that the Web is going to be increasingly monetized, ie. somebodies somewheres are going to charge a fee to encrypt pages/websites even?