No HTTPS?

  • freebug
    Senior Member
    • Jun 2012
    • 596

    No HTTPS?

    How come Calguns can't move to HTTPS especially for sign in and sign out? I get all sorts of browser warnings that this site isn't secure (which it isn't).
    - 80% AR Fan
    - 300BLK all the way
  • #2
    SkyHawk
    I need a LIFE!!
    • Sep 2012
    • 23495

    They have a CA signed cert.

    Bookmark this - always use it to start your session.


    Be advised that YouTube embeds won't work on some browsers if you are using calguns via SSL.
    Click here for my iTrader Feedback thread: https://www.calguns.net/forum/market...r-feedback-100


    • #3
      Picturepro
      Senior Member
      • Feb 2014
      • 518

      why would you want or not want the https?

      I have both open and do not see a difference


      • #4
        SkyHawk
        I need a LIFE!!
        • Sep 2012
        • 23495

        Originally posted by Picturepro
        why would you want or not want the https?

        I have both open and do not see a difference
        IMO, no good reason to use https here unless you are conspiring to commit crimes via PM or sharing credit card or banking info via PM, or you reuse your calguns password on your online bank accounts.

        Everything you post here other than PM is public, and hackers don't get passwords very often from packet sniffing. They use keystroke loggers or they go for unsalted password databases. A browser is never going to warn you of a real hack on your information. Transport encryption is sort of low on the totem pole when it comes to security, and its importance is over-hyped.

        The bigger question is, is your info encrypted at rest here (almost certainly not, save for your pwd which may or may not be properly salted). It is far easier to attack a stationary target than one in transport, and you have no control over how your info is stored at the far end nor any knowledge. And so many people have keystroke loggers and screen scrapers on their own machines but have no idea.

        A browser SSL warning or non-warning is a shiny penny; just because you see a green url bar tells you very, very little about your security on that site.

        But if you have more tinfoil than you know what to do with, fold up a hat and use the https calguns, and tell yourself you are smart and secure. Repeat regularly while staring into a mirror...

        Last edited by SkyHawk; 04-18-2017, 11:41 AM.
        Click here for my iTrader Feedback thread: https://www.calguns.net/forum/market...r-feedback-100


        • #5
          SkyHawk
          I need a LIFE!!
          • Sep 2012
          • 23495

          Originally posted by bool1tholz
          If you use public WiFi https can help reduce the amount of some vectors of attack from less skilled attackers.

          For example... Not using https may make you more vulnerable to "side jacking" where someone steals the cookies in your request and replays it to impersonate you.
          The only problem with using public wi-fi is most folks have no idea if they are connecting to a hacker's wi-fi, in which case SSL will not always help you. You do know there are proxies that can decrypt/recrypt SSL while sitting in the middle? And unless you know exactly what to do when presented with a certificate warning (most people do not), then it is not so helpful. And the hacker will try and get you to install his cert on the 'welcome to public wi-fi' redirect page when you connect.


          When you enable SSL decryption for your end users, SSL-encrypted traffic is decrypted, inspected, and then re-encrypted before it is sent to its destination.
          I guess there are people still using Firesheep to grab un-encrypted cookies but sophisticated hackers have moved on to man in the middle decrypt/recrypt.

          Yes, public wi-fi is ripe for shenanigans, but it starts with you connecting to public wi-fi. Once you are a client on a hacker's network all bets are off. The best play on public wifi is to be very wary, expect that you are transmitting in the clear and act accordingly.

          I never, ever connect my laptop to public wifi. I will occasionally connect iPad to pub wifi, but not typically because I carry my own cellular hotspot.
          Last edited by SkyHawk; 04-18-2017, 12:02 PM.
          Click here for my iTrader Feedback thread: https://www.calguns.net/forum/market...r-feedback-100
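
Added example (not part of the thread and not the site's own code): the cookie replay ("side jacking") exposure raised in post #5 depends on whether the session cookie carries the Secure attribute and whether plain HTTP is redirected to HTTPS. This sketch audits a response's headers for both; the cookie name and all header values are constructed.

```python
# Added example: header audit for the cookie-replay exposure discussed above.
# Cookie names and header values below are constructed sample data.

def parse_set_cookie(value):
    """Return (cookie name, set of lowercase attribute names) for one Set-Cookie value."""
    parts = [p.strip() for p in value.split(";") if p.strip()]
    name = parts[0].split("=", 1)[0]
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:]}
    return name, attrs

def audit_response(scheme, headers):
    """List findings for one response served over `scheme` ("http" or "https").

    headers is a list of (name, value) pairs; header names are case-insensitive.
    """
    lowered = [(k.lower(), v) for k, v in headers]
    findings = []
    for key, value in lowered:
        if key != "set-cookie":
            continue
        name, attrs = parse_set_cookie(value)
        if "secure" not in attrs:
            # Without Secure the browser also sends the cookie over plain HTTP,
            # where anyone on the same network can read and replay it.
            findings.append(f"{name}: missing Secure")
        if "httponly" not in attrs:
            findings.append(f"{name}: missing HttpOnly")
    names = {k for k, _ in lowered}
    if scheme == "https" and "strict-transport-security" not in names:
        # HSTS makes the browser refuse plain HTTP to this host on later visits.
        findings.append("no Strict-Transport-Security header")
    if scheme == "http":
        location = dict(lowered).get("location", "")
        if not location.lower().startswith("https://"):
            findings.append("plain HTTP not redirected to HTTPS")
    return findings

WEAK = ("http", [("Set-Cookie", "session_id=abc123; Path=/; HttpOnly")])
HARDENED = ("https", [
    ("Set-Cookie", "session_id=abc123; Path=/; Secure; HttpOnly; SameSite=Lax"),
    ("Strict-Transport-Security", "max-age=31536000"),
])

if __name__ == "__main__":
    for label, (scheme, headers) in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_response(scheme, headers))
```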


          • #6
            SkyHawk
            I need a LIFE!!
            • Sep 2012
            • 23495

            I agree with you, https is an absolute must on pub wifi - especially shopping or banking. Just don't trick yourself into thinking it is the end all solution, and if possible avoid those activities on pub wifi.

            And in any case, even on public wifi I am not concerned about using Calguns in the clear - seriously, not at all. No more concerned than I would be logging into candycrush in the clear. If you have sensitive information stored or you are sharing sensitive info on an internet discussion forum, or re-using your Morgan Stanley password on Calguns, you're doing it wrong. Nothing will save you.
            Last edited by SkyHawk; 04-18-2017, 12:33 PM.
            Click here for my iTrader Feedback thread: https://www.calguns.net/forum/market...r-feedback-100


            • #7
              Picturepro
              Senior Member
              • Feb 2014
              • 518

              awesome thanks guy
