Those wishes are duplicates of this one:
Add another
Comments optional
cancel
Send report
This wish is a spam. Comments... (optional)
cancel
Send report

It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
Back to wishlist
Options
Share on
Report as Duplicate   Spam

Keep it clean

If you believe that a wish duplicates another one or is not meant for the category, use Options button above to report a duplicate or spam.

Add your wish

If there is an item you wish to have on GOG.com and it’s not yet on the wishlist, please add your wish

+2322

HTTPS browsing of the whole site completed

Added by Elideb's avatar Elideb Elideb's avatar Elideb Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.

Doomed to be ignored, but I'd love being able to browse every single page in GOG.com using the secure HTTP protocol. The main page (GOG.com is available like that, but every link is transformed to plain text HTTP after request.

This wish is completed and is now available on GOG.com

39 comments about this wish

Add comment
My comment
cancel
Post it
ZMacZ ZMacZ Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

GUUD !!

Jan. 24, 2017
report
hide
pyatak pyatak Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

all announcement pages still have direct links to unsecure http

Dec. 13, 2015
report
hide
ZMacZ ZMacZ Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

Yes...added security would be good....not that it will be fool proofed, but at least the noob hackers can be driven out that way..

Dec. 9, 2015
report
hide
skeletonbow skeletonbow Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

The entire GOG website appears to be https now I believe. I do use HTTPS Everywhere mind you, so I can't rule out https pages containing http links. If there are any though they could fix them all simply by changing all <a href=""http://"" class="light_un" target="_blank">"http://"</a> and <a href=""https://"" class="light_un" target="_blank">"https://"</a> in their page code to just "//:" and let the server/browser sort it out automatically the modern 2015 way. :)

Nov. 11, 2015
report
hide
reofarp reofarp Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

I was really shocked to see neither https nor checksums properly implemented. You can manually obtain the xml with the md5 checksum but even that file can only been retrieved over http.

Oct. 28, 2015
report
hide
bruceFish bruceFish Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

I'm using NoScript to enforce https on this site, which works fine. HTTPS Everywhere and similar tools should work as well.

The site should be https _by default_, however (if it isn't already, idk).

Oct. 17, 2015
report
hide
utaQcee5 utaQcee5 Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

This is a no brainer.

Oct. 17, 2015
report
hide
Andtha Andtha Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

This page is https for me. I am logged in, and all GOG pages open with “https://” in front.

Oct. 9, 2015
report
hide
DracoMagister DracoMagister Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

It still use some insecure content, but blocking it don't break the site.

May. 18, 2015
report
hide
matthewzz matthewzz Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

Yes definitely!

May. 11, 2015
report
hide
Lingondraken Lingondraken Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

HTTPS is becoming standard. Please be ahead of the curve GOG!

May. 9, 2015
report
hide
DracoMagister DracoMagister Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

HTTPS doesn't work anymore on the main page, only the forums and account. It never worked very well but now it doesn't work at all.

May. 6, 2015
report
hide
shmerl shmerl Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

Mozilla phases out insecure HTTP: blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/

Come on GOG, it's a prime time to fix this mess.

May. 1, 2015
report
hide
mina86 mina86 Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

Chrome will eventually start marking HTTP sites as insecure (see [1]) and it's likely that other browsers will follow suite.

[1] www.chromium.org/Home/chromium-security/marking-http-as-non-secure

Apr. 8, 2015
report
hide
balrox balrox Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

This should be in the technical requests section...

Oh right! There is none! We need a technical requests section, so these and less known technical requests don't get swamped.
So vote for the request I added: "Add a technical feature-request section! For crowdsourcing development!"...

Apr. 3, 2015
report
hide
African_wildlife African_wildlife Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

You can use HTTPS Everywhere and a VPN (Private Internet Access is the best) to improve your security. GOG seems to have its fair share of online tracking :(

Mar. 4, 2015
report
hide
Swistaku Swistaku Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

I'll just leave it here, www.httpvshttps.com/ - HTTP/2 is coming :D

Feb. 21, 2015
report
hide
shmerl shmerl Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

It really shouldn't be that hard to fix. Why is this still broken?

Jan. 11, 2015
report
hide
ElGreenGo ElGreenGo Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

Google changed their ranking algorithm recently, adding HTTPS to pages will also boost their Google ranking a little. (https://googlewebmastercentral.blogspot.com/2014/08/https-as-ranking-signal.html)

Sep. 1, 2014
report
hide
shmerl shmerl Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

It's better now, but still quote broken.

Aug. 27, 2014
report
hide
skeletonbow skeletonbow Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

Sadly, the majority of SSL enabled websites on the web are insecure (Reference: www.trustworthyinternet.org/ssl-pulse/ ), which I believe is because the sites are more or less set up once to run and then focus is placed on maintaining content with security being an afterthought, and SSL being seen as a magic bullet of protection just to have it at all (whether or not it is set up correctly or properly secured). In addition, new threats appear all the time and if someone is not monitoring the security mailing lists and staying on top of security technology they aren't going to be noticing just how insecure their SSL deployment is or doing anything about it until *after* a major security breach of customer information/account credentials occurs. We see this time and time again online with even the largest of corporations, such as the recent Target franchise breaches and theft of credit card info.

It's sad to say but the majority of SSL enabled websites online are SSL security theatre, with no actual security, and both webmasters and even end customers alike will downplay the actual security threats due to lack of understanding of what they actually are. The SSL Pulse website I linked to above intends to help correct this problem over time via educating people of the actual real world threats out there.

Man in the middle attacks against SSL aren't new, but it seems that webmasters are practically unaware the attacks exist at all, or they just can't see in their own minds how someone could successfully carry one out, thinking there are only limited situations in which one would be in the position to even do an MITM attack. This doesn't match reality however, as just about everyone and their brother uses portable devices over WIFI in public places these days, which presents a huge threat enabling just about anyone to do MITM attacks against unsuspecting victims as was demonstrated against Facebook and other big sites a few years ago and ultimately lead to them SSL enabling the entire site (properly) and making it the default. Tor users, users of proxies are also prime targets for MITM attacks with or without SSL. Look at the percentage of SSL enabled webservers out there that are still to this day vulnerable to the BEAST attack now several years since it was disclosed, with seemingly nobody who runs an SSL enabled site caring whatsoever.

So the GOG website's SSL deployment is rather deplorable and insecure but the majority of the Internet is in just as bad or worse of a state sadly. Log into Steam and watch it redirect you to non-SSL pages that can have the credentials hijacked also.

It's disconcerting that this is the case, but ultimately what is going to happen is that one website at a time, people of malicious intent are going to hijack the sessions of people (whether or not those people or the website administrators are aware of the problem or even care) and they will cause data breaches to occur. Those breaches will hit the mainstream media giving the site in question a huge black eye. They'll lick their wounds, hire security consultants to fix the problems post-facto and hopefully get it right, with some nice battle scars to impress the ladies with later on.

I dunno how informed the GOG admins are, or if it's just a case of too much work too little time, but hopefully they sort this out sooner rather than later. Hopefully Valve sorts it out on Steam too.

Feb. 16, 2014
report
hide
DarkLord79 DarkLord79 Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

I'm not so sure about the statements that "full HTTPS would not be required/overkill and be a performance hit", see: www.troyhunt.com/2011/11/owasp-top-10-for-net-developers-part-9.html (especially the lower third of the page regarding unsecured entry and redirect risks, the HSTS initiative and Google's performance statement)

Dec. 28, 2013
report
hide
km3k km3k Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

@HGiles. I was thinking it was just me. I had GOG enabled in HTTPSEverywhere with a custom rule, but now I need to disable it to login. :-(

Dec. 16, 2013
report
hide
Gilozard Gilozard Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

GOG did have a semi-secure version of the site, but the new sale has now broken it. Dang it GOG, what are you thinking? You can code better than this.

Dec. 13, 2013
report
hide
Revisor Revisor Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

This is more important than ever and I hope the GOG team will devote some resources to make the whole GOG website accessible via HTTPS.

Sep. 3, 2013
report
hide
Gilozard Gilozard Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

As I think we're all learning, being able to keep data off other people's servers is actually important. :)

Aug. 1, 2013
report
hide
theultramage theultramage Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

The session cookie is sent in plain text. Having the cookie is just as good as having your login, so anyone who sees your network traffic can gain access to your account (lan arp spoofing, wifi hotspot sniffing). To prove my point, I hijacked my session just by ctrl+c ctrl+v-ing the two gog cookies into another browser, giving direct access to my account. My browser does not support HTTPS-Anywhere, so it would be nice if going manually to secure.gog.com would make all the links stay on secure.gog.com.

Apr. 23, 2013
report
hide
Eroen Eroen Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

For the "Why?" questions; quite a lot of us live in countries where ISPs are required by (misguided) law to log all activity (actually only metadata, like what page was requested). Thus, https or vpn servers in different countries are required for basic privacy when browsing the web.

While gog isn't exactly a high-value target, there are countries that habitually use man-in-the-middle attacks to identify users making anonymous posts to websites. This is also defeated by both https and vpns.

While the vpn solution works great for anyone sufficiently capable and competent to use it, https on web pages ensures privacy (to the extent it is practical) for any user of the site.

Apr. 11, 2013
report
hide
l2affiki l2affiki Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

Like testtest says, theres no need for encryption over every single page. Not to mention it disallows the use of caching at all levels of page retrieval: database, server, proxies and browser. This would create a huge and entirely unnecessary load on gog's website.

Jun. 28, 2012
report
hide
Elideb Elideb Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

It looks like GOG is moving forward with this. The new secure.gog.com is a great step, but so far is only available for certain sections (Account, main page). If at some point everything done while logged in is encrypted, I'll be very thankful. And for those who think that htps everywhere is unneeded or overkill for servers, you might want to read about the subject. The extra load is not that significant and the main benefit is that your session cookies are no longer sent around in the clear. Even if they are cyphered when sent to GOG, giving access to static information containing your presonal data could compromise it. People not worried about those issues can use the regular site and not suffer any response delays, but I'd rather have all my pages secured in 10 seconds than plain text in 2.arstechnica.com/business/2011/03/https-is-more-secure-so-why-isnt-the-web-using-it/

May. 18, 2012
report
hide
journeyman journeyman Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

Maybe not the whole site (which would be awesome), but at least set https as mandatory for login (which actually is not, and this is a huge security hole)

May. 16, 2012
report
hide
testtest123 testtest123 Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

https is cpu-bound - both for Your computer and gog servers. AFAIK all crucial data is being sent via https protocol. I can see secure.gog.com domain Imo there is no need to allow to use https on every URL

May. 15, 2012
report
hide
Jabokoe Jabokoe Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

I don't think the store-browsing portion would benefit anything from a secure connection... And forum threads are publicly available anyway so securing that makes no sense, also the PM system already uses HTTPS. So in general anything that you want to do in private on gog.com is already secured. If you are afraid someone does XSS than that would be a browser problem... someone will try to hijack a store page in a man-in -the-middle attack? an adversary might as well opt to hijack your entire DNS request for gog.com since DNSSEC isn't supported by most DNS-zones. So that wouldn't make anything more secure...

May. 5, 2012
report
hide
RoseLegion RoseLegion Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

Lovely idea, it would cause me to recommend GoG even more and I know a few folks who might support GoG over other services for a move like this.

Apr. 28, 2012
report
hide
AlbertCole AlbertCole Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

Especially the login should be protected by https.

Apr. 24, 2012
report
hide
Elideb Elideb Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

The problem is that GOG has no HTTPS version of most pages, so using one of those extensions is futile in here. Those extensions try to translate all http requests to the secure equivalent, which just isn't there.

Apr. 10, 2012
report
hide
MrParmesan MrParmesan Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

You can force sites to always use HTTPS by creating a rule in this Firefox and Chrome extension https://www.eff.org/https-everywhere I haven't tried making a rule for GOG.com myself though and as the FAQ GOG.com explains the site has to already have a certain level of support of HTTPS for the extension to work.

Apr. 8, 2012
report
hide
megiddoj megiddoj Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

Why not? It's a simple change and it provides better security. Remember that everything you browse over http (not https) is transmitted in clear text.

Apr. 5, 2012
report
hide
EndlessWaves EndlessWaves Sorry, data for given user is currently unavailable. Please, try again later. View profile View wishlist Start conversation Invite to friends Invite to friends Accept invitation Accept invitation Pending invitation... User since {{ user.formattedDateUserJoined }} Friends since {{ user.formattedDateUserFriended }} Unblock chat User blocked This user's wishlist is not public. You can't chat with this user due to their or your privacy settings. You can't chat with this user because you have blocked him. You can't invite this user because you have blocked him.
Comment burried. Unhide. .

Why?

Mar. 31, 2012
report
hide