One of my biggest internet pet peeves is news sites and blogs who do little more than regurgitate press releases for companies without any attempt to provide context or additional useful information. Verizon launched their Up program today. Up allows you to earn points that you can use toward things such as Apple Music subscriptions. Unfortunately it also comes with a requirement that you surrender a pretty substantial amount of privacy to them and their advertisers.
But you would not know this from reading tech blogs. Both 9to5Mac and MacRumors ran with the stores with no mention of the privacy implications. MacRumors as since updated the post to point this out. But not 9to5 as of this writing.
Far be it from me to tell people that they should not be allowed to trade their privacy for a few discounts. If they decide it is worth the tradeoff, go right ahead. But come on tech blogs, this is not a minor point with this service. It does a huge disservice to your readers to not mention it. I can get press releases direct from Verizon’s PR channels.
At least some sites such as The Verge and ArsTechnica were very clear about how this program works.
So yeah, I won’t be signing up for Verizon Up. I would not recommend you do either. Up to you, but know what you are signing up for first.
Websites hosted on WordPress’s commercial service are now encrypted using certificates from Let’s Encrypt, the free certificate authority that removes both the cost and complexity from HTTPS. If you host a site on wordpress.com, this is already available too you with no additional effort required on your part.
If you have your own hosted WordPress site and you can install software to your server, it is fairly easy to get the Let’s Encrypt software up and running. I recently migrated this site to a VPS and had no issue getting Let’s Encrypt up and running. Many shared hosting services such as DreamHost have also added support.
HTTPS is moving closer and closer to the default state of the web, and that is a good thing. A notable holdout at the moment is SquareSpace, which has never allowed custom certificates, even paid ones. I had an exchange with them on Twitter not that long ago but they did not commit to any timeframe on support for secure connections. I would urge them to move on this before it becomes a competitive disadvantage.
If you are just starting out with creating a website, I would make support for free and easy HTTPS a requirement when choosing your host.