[sdoering]

In Germany I thought if kind of sad, that a major automotive forum isn't https secured (motortalk.de). I was asking myself, how they manage their user's logins.

Then I checked. The are secured. Not sure since when, but maybe the data from whynohttps isn't as fresh as one might think.

And lot of bigger press sites (spiegel.de, faz.net. computerbild.de) aren't secured still. Kind of a shame imho.

[mstolpm]

The main reason for big media sites and forums not being https secured is the interest of the advertising community. There was a huge community discussion on sites like golem.de and Heise.de, which only recently switched to https. Login pages are protected almost all the time.

[sebazzz]

That still keeps the session and login cookie vulnerable right?