{"id":251929,"date":"2017-03-03T06:56:29","date_gmt":"2017-03-03T13:56:29","guid":{"rendered":"http:\/\/css-tricks.com\/?p=251929"},"modified":"2017-03-07T12:40:49","modified_gmt":"2017-03-07T19:40:49","slug":"just-another-https-nudge","status":"publish","type":"post","link":"https:\/\/css-tricks.com\/just-another-https-nudge\/","title":{"rendered":"Just Another HTTPS Nudge"},"content":{"rendered":"
I was strongly reminded about the scariness of non-secure websites the other day. <\/p>\n
I’m using Xfinity as an internet service provider, and they give you a device that is both a cable modem and a router. <\/p>\n
Here’s a tiny bit of backstory. I use a VPN, and I discovered that in using their modem directly, the VPN wouldn’t work. I’m not sure why. I didn’t dig into it very far, because I have a modem of my own I’d prefer to use. So I plugged that in, which worked… but not particularly well. The connection was spotty and slow, even right in my own house.<\/p>\n
<\/p>\n
I think (maybe?) it was competing WiFi signals from the two routers sitting right next to each other. Don’t quote me on that. The reason I think that is because, fortunately, I was able to turn off the router on the Xfinity device, and that solved the problem. Thde speed and connectivity was back. To their credit, it was really<\/em> fast. The Xfinity device has a featured called “Bridge Mode” that is specifically for turning off the router so that you can use your own. I was able to enable that, use my own router, get the speed back, and connect to the VPN. <\/p>\n Win! That lasted for a few months. Then recently there was some weird big internet outage in our area. Xfinity notified us about it. They had to push some updates or something to our device, and that broke everything again. I struggled with it for days, but what ultimately worked was turning off Bridge Mode, and turning it back on again (isn’t it always?).<\/p>\n In those in-between days, the only thing I could figure out to get online was to connect to the SSID “xfinitywifi” that this router seemed to be emitting. This “xfinity” network is unusual because it behaves kinda like a coffee shop or university hotspot in that it pops up that weird browser modal and you have to log in with your (Xfinity) credentials. It’s a value-add kinda thing for their service. Their routers are dotted all over the place, so if you’re a customer of theirs, you get internet (“for free”) a lot of places. My fiance was at the doctor the other day, and she was using it there.<\/p>\n If that’s the network you’re connected to, Xfinity performs man-in-the-middle attacks on websites<\/strong> to send you messages. Here’s an example of me just looking at a (non-secure) website:<\/p>\n