Slashdot Mirror

← Back to Stories (view on slashdot.org)

The State of Slashdot: Https, Poll Changes, Auto-Refresh, Videos, and More

Posted by whipslash on from the make-slashdot-great-again dept.

As of yesterday, Slashdot now serves over https. In addition, the polls have been moved exclusively to the right rail, and will not show up with the other stories any longer. We've also disabled auto-refresh, and fixed various issues with search and other features. In the last few weeks, we've also discontinued videos, and removed the "Jobs" section of the site. You can follow all of the changes on the Slashdot blog.

17 of 546 comments (clear)

  1. Re:Where's my UTF8? by whipslash · · Score: 5, Informative

    It's coming

  2. Re:How can I give you money for this? by whipslash · · Score: 3, Informative

    Those kind words of support are enough for now. Hang on to the money for now! We will be evaluating a strategy for subscriptions soon.

  3. Re:Can't Post by whipslash · · Score: 4, Informative

    There might be some hiccups like this. Email feedback@slashdot.org if you find any. We will investigate this mobile posting ASAP.

  4. Re:Disable ads is a fraud by whipslash · · Score: 3, Informative

    Yes there are some issues here we will address soon

  5. Congratulations, thats a big step by vivaoporto · · Score: 5, Informative

    Congratulations to the new team, thats a big step towards keeping their loyal audience regaining goodwill among the tech crowd.

    The quality of the improvements and the effort of the new team is visible, it even gets an A on ssl quality test.

    Good job and don't rest on the laurels, get working on the Unicode support because that's one of the missing features.

  6. Re:Disable Anonymous Cowards... by sinij · · Score: 4, Informative

    Absolutely not. AC is integral part of /.

  7. Re:auto-refresh sucked. Beware UTF8 injections by whipslash · · Score: 3, Informative

    Noted. Yes we had an issue with the proxy detection, but we've since fixed it.

  8. Re:Where's my IPv6 by whipslash · · Score: 4, Informative

    It's coming!

  9. Re:Nice Changes For Sure, But...... by whipslash · · Score: 4, Informative

    We've made a concerted effort to stop linking to paywalled sites. Only exception would be if its breaking news not covered anywhere else

  10. Re:Do Not Disable AC by whipslash · · Score: 5, Informative

    We are not disabling AC

  11. Re:Where's my UTF8? by doconnor · · Score: 4, Informative

    Look like subscriptions is still a thing, assuming you have an account.

  12. Re:Disable Anonymous Cowards... by __aaclcg7560 · · Score: 3, Informative

    If you don't like the comment, DONT FUCKING READ IT.

    Logical fail. The only way I can tell if I like a comment or not is to read it.

    I'm sick of little pussies like you with their hurt feelings blaming your Facebook "sad face" sticker situation on the ACs

    You must have me confused with someone else. I don't do Facebook.

  13. Re:Examining the certificate by XanC · · Score: 3, Informative

    How exactly is verifying a site's identity by relying on the site itself, via the same channel, any better than zero authentication at all?

  14. I call bullshit. by Chas · · Score: 5, Informative

    I am consistently modded down for having a conservative viewpoint. I generally don't even log-in anymore because when I do post a conservative viewpoint, my inbox is shortly after filled with "fu republican" type posts.

    Funny. I've been posting as an evil, stealing-candy-from-babies Republican here for years (Note the nominally low UID? Yeah, that long.).

    I can think of maybe, MAYBE one or two rude messages I've received from fellow users over the years.
    And my karma's quite good...

    So...Unless you're posting some absolutely whack-job stuff, I call bullshit.

    --


    Chas - The one, the only.
    THANK GOD!!!
  15. Re:HTTPS and Interstitials. by repvik · · Score: 3, Informative

    It really shouldn't work.

    The plaintext version of slashdot uses http 301 (moved permanently), which causes the browser to simply skip connecting to the plaintext version the next time and connect directly to the redirected https URL.
    Google.com however, uses http 302 (moved), which does not cause this caching to occur, and will work just fine for this purpose.

    If Slashdot had used the "Strict-Transport-Security" header as well, your browser should categorically refuse to connect to the plaintext version (after your first connection) until the expiry date has been reached (usually quite a few weeks into the future)

    If you can use http://slashdot.org/ the same way you use http://google.com/ your browser has security issues.

  16. Re:Where's my IPv6 by repvik · · Score: 4, Informative

    You might wanna look at what headers slashdot sends as well: https://securityheaders.io/?q=...

  17. Until late 2013, ad networks didn't support HTTPS by tepples · · Score: 3, Informative

    I had in fact been wondering for quite some time how come a technology oriented site isn't securing traffic with TLS.

    Because until relatively recently (September 2013), ad networks did not support HTTPS. Thus browsers would block ads as mixed content. So in order to make the ads appear, Slashdot would redirect HTTPS visits from non-subscribers to HTTP.