Why rss in novelupdates (or particularly rss.novelupdates.com) does not support the https protocol? When the rest of the site is secured with the latest TLS 1.3 protocol? Isn’t it a Security issue that should be fixed quickly? Isn’t RSS feeds are something personal?
When Tony updated NU to use https, it broke quite a few things that he had to fix... I assume updating the rss feed would break even more. And well, RSS feeds don't have any information that should compromise you in any way AFAIK, so it shouldn't be an issue if it remains as http.
It's listed in my public reading list. *shrugs* I don't see how it is relevant that a random person out there in the internet might have access to this data of yours in plain text if they so desire to dig it. It's not particularly damaging to you in any way since they don't really know you. I can understand being wary of having your password leaked out or something with http protocols, but in the RSS feed this seems like a non-issue. In any case, it's not like Tony can't update it. He probably just deemed it as not worth his time and focused on other things instead.
Her reading list is public, so you can actually check that if you wanted to: http://www.novelupdates.com/readlist/?uname=AliceShiki
[Thinking to myself: Oh, so you have even tried out BL. I typically avoid things like Yuri, Yaoi and Josei. Not interested in reading people of same gender making out together.] @AliceShiki and @criticalmind The point is there is a reason that browsers nowadays doesn't allow http protocol at all and throws warning whenever you bump into a site that doesn't have secure https protocol supported. It's no secret that traffic in the internet moves between devvices. If the site that you are visiting does not have https that means the every data you sent or receive can be seen by anyone or any entity that works as a middleman of your internet traffic. Such as you Internet Service Provider (ISP), or the entity that sells bandwidth to them which is typically the government in many countries or even the person whose network you are using (maybe the owner of a public wifi). Now its not like everyone is a security expert so internet at the lower level tends to be very obsecure. Such as that of your ISP. It's not that hard to break into their network for many people out their. (or if there is a 100 people using the same ISP, maybe at least one) Thus internet traffic nowadays is adviced to be encrypted and for websites this encrypted protocol is called HTTPS. Which typically uses TLS encryption to secure your traffic. Now here why I think RSS feeds at NovelUpdates should be encrypted. The RSS feeds are not something that is open to public. Its a personalised feed for an user that contains the information about some last updated chapters from the novels of one or all or the reading lists of an user. Now NU RSS feeds contain four types of data. Novel Name, Last Updated Chapter, Last Updated time and of course the external link of the chapter. So, if you observe the RSS feed of an user for some time, you can know the names of the Novels that some User reads and probably guess his/her reading preference too. Now all users might not want to make their Reading Lists public. There is feature for private reading lists. Now if users novels can be seen for some obsecure http protocol, it kind of defeats the pupose of private reading list. And a breach of users privacy very close to the users username and password being publically available. Because that only gives you editing rights of user profile with the ability to see users private reading list. So, I think that RSS feeds in Novel Updates should not be kept as HTTP and should be upgraded to HTTPS soon.
All of that is trivial information and mostly pointless as well. Someone out there in the internet being aware of your novel preferences is irrelevant. There is absolutely nothing similar between those. Access to your username and password allows you to see all the private information this person has shared with others, which may very well include their name and address, and may also have this information of their friends. It's free doxing material. Not to mention that many people share passwords between sites, so that may also be free access to their e-mail and all the rest of their private information. You're comparing having access to your reading preferences to having access to your personal and actually relevant information. It's an absurd comparison. Updating the RSS feed to https is by no means a priority. None of the information available in the RSS is relevant to any 3rd party whatsoever, it's not information that puts your security at risk. Sure, Tony can do it if he wants to, but he has much higher priorities over that.
Right now the links are either, http://rss.novelupdates.com/rss.php?uid=________&unq=________&type=___&lid=local or, http://rss.novelupdates.com/rss.php?uid=________&unq=________&type=read Are they insecure? Yes. Can somebody track your requests? Yes. Will they track your nu rss feed of all things? I doubt it is worth the effort. Should it be upgraded to https? Yes. The only other info available is uid and unq. The uid is public info. Unq is not public as far as I can tell. Considering it is used as a query param, I doubt it is used anywhere else.