Any sensitive data you submit or get served on that site can be intercepted, read, or possibly changed on the way to you (called a “man in the middle” attack). Including your location data, credit card info, username, password, etc.
A vpn could mitigate this somewhat, but it would still be unencrypted between their network out point and the site’s server.
I’d also call it a red flag in terms of their security. If they aren’t competent/diligent enough to implement SSL encryption, I’d be a bit worried that they may be vulnerable to a hacker replacing their safe file downloads with a malicious one.
This would be even worse on a public wireless network where somebody could catch your packets on the way to the router.
Thanks! I don’t use any identifying information and always use VPN. I don’t care if they get the username/password for that account anyway. So, I hope that helps. Haha But, yeah, not great for security and always try to avoid http.
Any sensitive data you submit or get served on that site can be intercepted, read, or possibly changed on the way to you (called a “man in the middle” attack). Including your location data, credit card info, username, password, etc.
A vpn could mitigate this somewhat, but it would still be unencrypted between their network out point and the site’s server.
I’d also call it a red flag in terms of their security. If they aren’t competent/diligent enough to implement SSL encryption, I’d be a bit worried that they may be vulnerable to a hacker replacing their safe file downloads with a malicious one.
This would be even worse on a public wireless network where somebody could catch your packets on the way to the router.
Thanks! I don’t use any identifying information and always use VPN. I don’t care if they get the username/password for that account anyway. So, I hope that helps. Haha But, yeah, not great for security and always try to avoid http.