At: ashok.videdot.com/2008/secure-web-sites
I've got a little more diligent recently about using encryption where I can. In particular, several sites allow you to use an encrypted connection, but don't force it:
Google Reader, in particular, knows a slightly worrying amount about what I am interested in, and frankly I don't want to share that with the random cafes I surf in, or my employer for that matter. I wish I could tell Google somehow that I only ever wanted to use SSL and have them redirect me (a non-secure cookie would do the trick, I should think).
Some of this is about privacy, some is about trusting I am speaking to who I think I am and some is about tampering by others who participate in the distribution – something I'm thinking a bit harder about after the whole Phorm fuckwittery.
Lastly, a quick tip. I use this bookmarklet to add feeds from the current page to Reader:
javascript:var%20el=document.createElement('div');el.style.zIndex=10000;el.style.position='absolute';el.style.padding='2em';el.style.top=0;el.style.backgroundColor='#ffffcc';el.style.border='1px%20solid%20%23008000';el.style.color='%23000%20!important';el.style.fontFamily='Arial,%20sans-serif';el.style.textAlign='left';el.innerHTML='View%20the%20following%20feeds%20in%20Google%20Reader:';var%20found%20=%20false;var%20links%20=%20document.getElementsByTagName('link');for%20(var%20i%20=%200,%20link;%20link%20=%20links[i];%20i++)%20{%20var%20type%20=%20link.getAttribute('type');%20var%20rel%20=%20link.getAttribute('rel');%20var%20title%20=%20link.getAttribute('title');%20if%20(type%20&&%20(type%20==%20'application/rss+xml'%20||%20type%20==%20'application/atom+xml')%20&&%20rel%20&&%20rel%20==%20'alternate')%20{%20var%20href%20=%20link.getAttribute('href');%20if%20(!href.match(/^http/))%20{%20var%20path%20=%20(href.match(/^\//))%20?%20'/'%20:%20location.pathname;%20href='http://'%20+%20location.hostname%20+%20path%20+%20href;%20}%20var%20previewLink%20=%20document.createElement('a');%20previewLink.href%20=%20'%20https://www.google.com/reader/preview/*/feed/'%20+%20escape(href);%20previewLink.innerHTML%20=%20((title)%20?%20title%20:%20'')%20+%20'%20-%20'%20+%20href;%20previewLink.style.display='block';%20previewLink.style.color='%2300c';previewLink.style.textDecoration='underline';%20el.appendChild(previewLink);%20found%20=%20true;}}%20var%20close=document.createElement('a');%20close.innerHTML='Hide%20this%20box';%20close.href='%23';%20close.style.display='block';%20close.style.marginTop='2em';%20close.style.color='%2300c';%20close.style.textDecoration='underline';%20close.onclick=function()%20{el.style.display='none';%20return%20false;};%20el.appendChild(close);%20function%20Google_AddFeedBox()%20{document.body.appendChild(el);y=window.scroll(0,%200);}%20if%20(!found)%20alert('Oops.%20Can\'t%20find%20any%20feeds%20for%20this%20page.');%20else%20void(z=Google_AddFeedBox());
(It's a minor tweak on the 'Show all feeds' one provided by Google, taking care to send you to the secure version of Reader.)
Tagged: Security, Technology, Web, Tips
Posted at 11:03 BST, 28th June 2008.
Last changed at 12:47 BST, 28th June 2008.
No comments. Add one.