Any chance of SSL/https support in the future? Not only would this add security, but it would cut down on keyword sniffers, prying eyes, etc watching traffic (especially at work).
If you enjoy the forum please consider supporting it by signing up for a NES Membership The benefits pay for the membership many times over.
Be sure to enter the NES/MFS May Giveaway ***Canik METE SFX***
The Cert isn't an issue... for casual use you can just use a fake/self signed cert... who cares.
The CPU cycle thing is definitely a big problem, though.
What I'd probably do is run an SSH tunnel from your PC, set up a separate browser with a proxy back to your home PC and push the traffic through the tunnel.
-Mike
The Cert isn't an issue... for casual use you can just use a fake/self signed cert... who cares.
No reason to buy a premium certificate, for under $50/year you can get a standard certificate from GoDaddy or another CA that is trusted by all modern browsers.Speaking as someone who runs web sites: Adding SSL to all pages tends to add a lot of CPU cycles on the web server. It also costs a couple hundred bucks a year for the cert.
There are ISPs who sniff traffic for targeted ads, wireless attacks that capture cookies to hijack your session, and hostile TOR exit nodes that do all of the above. Correctly implemented, SSL protects against the majority of likely privacy compromises by non-state-actors.
No reason to buy a premium certificate, for under $50/year you can get a standard certificate from GoDaddy or another CA that is trusted by all modern browsers.
As far as CPU overhead, in recent years processors have gotten a lot better, and the overhead for 'always SSL' is no longer a big deal. Google reports that switching GMail over to being fully SSLized only added about 1% to their CPU load:
http://techie-buzz.com/tech-news/google-switch-ssl-cost.html
As for TOR, who cares if some knuckle dragger in Istanbul sees you browsing NES...it's for anonymous browsing not banking. Argue JS exploits I guess....