[Manishearth]

Pushing for the entire internet to use https is hard. Pushing for ISPs to be barred from reading http pages is easier.

My (Indian) landline ISP even writes to http pages, injecting ads for higher tier internet plans and letting me know that I've reached my data cap (after which I still have internet, but at a reduced speed).

Tor is good, but slow, and many websites block it or show captchas.

[0xmohit]

> My (Indian) landline ISP even writes to http pages, injecting ads for higher tier internet plans

I've now gotten used to pages not opening up due to ad-blockers; I refuse to disable those. It may not be all that bad to shun sites that refuse to display content upon detecting ad-blockers.

> Tor is good, but slow, and many websites block it or show captchas.

And then you have Cloudflare.

[Manishearth]

> It may not be all that bad to shun sites that refuse to display content upon detecting ad-blockers

Not sure how this is relevant; I'm talking about my ISP modifying my packets to include its own ads. The websites have no hand in this aside from the choice to use http.

While I don't like ads, I personally don't use an adblocker (just Firefox's tracking protection, which still triggers antiadblock).

[witty_username]

I've used websites with Cloudflare over Tor. There's a CAPTCHA that takes about 10-20 seconds to solve, and then you can continue browsing the site.

[witty_username]

> Pushing for ISPs to be barred from reading http pages is easier.

That's needed, but even then any random person who intercepts the cables can read your data. Or with WPA2-PSK, anybody with the password can read your data. So, treat HTTP as in the clear; it's likely someone's watching.

> Tor is good, but slow, and many websites block it or show captchas.

Tor has high latency, but the bandwidth is not that bad. CAPTCHAs only take 20 seconds per site. Other points are true.