09-18-2016 05:47 PM
09-18-2016 10:38 PM
09-18-2016 11:45 PM
I think that the main point that I am making is that the Ebay Site is not secure. It is not google chrome that has the problem it is Ebay. It is just google chrome that is pointing out the unsecure websites.
Here is my facebook page, it is secure:
Here is email page, it is secure:
09-18-2016 11:54 PM
09-18-2016 11:56 PM
09-19-2016 12:02 AM
Well MJ your statements might be true
Whether it is an eBay problem,
Or whether it is a problem that chrome has with eBay.
However, if in Jan 2017 this shows up for the millions of people who use chrome, how would you feel about buying on ebay?
09-19-2016 12:17 AM
And then sometime after that they will show this.
09-19-2016 12:27 AM
09-19-2016 12:39 AM
Hi MJ,
This was more info that I found here:
http://www.techworld.com/security/why-googles-love-of-https-will-change-internet-forever-3646416/
"In due course, the not secure labelling will be applied to all websites, in effect making https a new default level of security for every and any website. Google isn’t the only big name to announce such a policy (Mozilla has also made similar noises regarding Firefox) but it is the first to spell out a more defined timescale. Because Google is also the Internet’s dominant search provider means that the announcement has wider implications."
And MJ, I hope you don't think I am picking on you, I'm not, just having a conversation that other sellers can be aware of what it all means.
09-19-2016 12:48 AM
09-19-2016 12:56 AM
Here is more info: I agree that there has been some bad blood between google and ebay. I think it is a complicated issue.
Not using an encrypted connection means a hacker using the same Wi-Fi at your favorite coffee shop could steal your passwords or banking information, and that your internet service provider can better track your online activity and sell your private data to advertisers. But it also means that a repressive government can know exactly what articles or sites you’re visiting, and could even censor only certain pages within a website. Government spies could also take advantage of the lack of encryption to infect your computer with malware or spyware, or use your connection as part of a cyberattack on somebody else.
“HTTPS provides confidentiality (traffic is unintelligible to those without [encryption] keys) and integrity (traffic is verified when it arrives at its destination as being the same traffic that was sent),” Joseph Hall, the chief technologist with the Center for Democracy and Technology, told Motherboard in an online chat. “Integrity is increasingly the value the entire Crypto War is missing, ensuring that any middleman between the browser and the destination cannot add, subtract, or modify content in transit.”
That’s why privacy and security advocates have been pushing for the whole internet to be encrypted, and not just login portals or pages containing users’ private data.
“This planet is going to need a secure medium of communication, and that’s going to have to be a secure version of the web,” Peter Eckersley, chief computer scientist at the Electronic Frontier Foundation, told Motherboard.
Google has been one of the big companies and organization pushing for more encryption, but others, such as Apple, Mozilla, and the EFF, has all been part of the movement.
Moving to HTTPS isn’t like just flipping a switch
There have been several challenges that have been slowing down a fully encrypted web. First of all, getting a TLS or SSL security certificate for a website was expensive and involved considerable bureaucracy.
However, for websites with a complex infrastructure, and content served by third-parties, such as ads, moving to HTTPS isn’t like just flipping a switch. That’s why websites, especially news ones, can only be encrypted if the ads they are serving are also encrypted.
In the past, Google has called for more encryption across the internet (including emails) and recently hinted that it wanted to shame all websites that didn’t use it. But even Google itself hasn’t achieved the dream of going full HTTPS.
09-19-2016 01:02 AM
Hi MJ, I think I've posted enough on this problem. I just noticed it tonight and thought I would investigate. I will bring it up to Raphael on Wed, but I think that the response will be they are working on it.
I hope that ebay resolves the issue before Jan 2017.
09-19-2016 02:40 AM - edited 09-19-2016 02:42 AM
Interesting. I have been using Google Chrome since ages ago (FireFox is my second favourite) and I didn't notice that eBay is "unsecure". I have probably ignored it for the longest time but then again, I also rarely buy on eBay...
I wonder if that could explain why my sales were so dead the past few months. I did stop selling for a few weeks because of potential CP strike/lockout a while back and I went on a long vacation back in April, but since April I have had less than 10 sales a month, and this month only two sales so far. My hourly wage at work quadruples my eBay profit in September lol. But this month I also listed my items as GTC (because that's the promo I got) instead of the usual 30 days fixed price so I wonder if that makes a difference? At this rate I'm gonna be losing my TRS...
Well, I do notice that more websites (outside eBay) are selling similar books at cheaper prices than me and I can't lower my prices much more because of shipping cost from my end, so I guess I'm just slowly getting eliminated by my competitors lol.
09-19-2016 09:25 PM
I'm using Microsoft Edge (the new browser that comes with Windows 10) and when I made a purchase earlier this evening, the pages that should be secure (sign-in and check-out) were, in fact, secure.
The rest of the site wasn't, although from my limited understanding (I'm not a security guru, just an average Joe) not every page on a website needs to be secure if sensitive information isn't being transmitted.
09-19-2016 09:52 PM
I'm not that worried about it. Just buyers who are not as tech savvy as some of us are going to be very weary about buying on a website that most of the time shows as not secure. Ebay has had a few breaches that we know about, I am sure there have been a lot more that we don't know about.
All search pages on amazon are all secure, on ebay even though I am logged in and in my store and listing, it is all unsecure.
09-19-2016 10:46 PM
So I pulled up this list of the top 25 online retailers.......
http://wwd.com/business-news/financial/amazon-walmart-top-ecommerce-retailers-10383750/
I didn't check all 25 of them but I did find the following that are NOT secured.....
Apple
Lowes
Gap
Staples
Costco
Target
Nike
Neiman Marcus
Nordstrom
Not in the top 25 but probably close
LL Bean
New Egg
Dell
Non-retailers also not secure
Intel
Ford
GM
MSN
Bing
Either everyone will suck it up and put SSL in place, Google will back down or the world will end.
Hopefully the world will end so I can go back to sleep!
09-19-2016 11:00 PM
Hear, hear.
Quit using Google Chrome = immediate fix.
09-20-2016 08:08 PM
@mjwl2006 wrote:Hear, hear.
Quit using Google Chrome = immediate fix.
Yes, perhaps temporarily though. I suspect that where Google goes, the rest of the industry -- and world -- will soon follow.
This change is a fairly recent development. Now I'm sorry I ignored and tossed out as irritating spam the messages I'd been receiving over the past 3 or 4 months advising me about changes required to my website.
It turns out they were real, although filled with (to the normal person) unintelligible gobbledygook in the geekish language about what I needed to do. Presumably eBay's programmers can make sense of them and will take steps before 2017. I see that both Etsy and Yahoo are already up to snuff. Ah, but Facebook -- well, what do they care since they're already promiscuous?
I'm hoping my web hosting company will take care of my site for me at some point, as I see it has that tell-tale circled "i", soon to be a screaming warning about being insecure. They'll no doubt charge me a fee to do it.
Thanks very much to the OP for pointing this out and making us take proper notice. Like so many changes on the internet -- whether on eBay or otherwise -- we tend to ignore them or pass them off as just another background upgrade.
09-20-2016 09:09 PM
09-20-2016 09:11 PM
Your hosting company will not take care of it unless you pay for a dedicated IP address and an SSL certificate.
09-20-2016 10:17 PM