Exactly. The look doesn't really need improving. It has stood the test of Internet time. Plenty of new sites have come and gone yet /. remains. If you want to make improvements then consider asking the users what they would consider improvements. Examples of something you might want to discuss: the ability to edit our posts .. even if for a short time.

No matter what - if you do decide to change the look anyway then be sure to leave an option for existing users to keep the classic interface.

The Beta leaves much to be desired and seems like it is change for the sake of change.

Quit trying to be what other sites are being and stay true /.'s roots.

Last Update: 2013-05-09

Why not give it a shot yourself -> http://sourceforge.net/project... ?

So what are you proposing instead?

I think the whole point of HTTPS Everywhere is that using it is better than not using it. Some say the improvement is marginal at best. Some say it isn't an improvement at all. What none of the naysayers are saying is how they are doing it better.

As security increases, convenience decreases.

Money grab. Without enforcement on TLD usage (new and old) they can be meaningless.

Money and power corrupt.

When the parents and grandparents start using it the "kids" tend to move elsewhere. Eventually the parents and grandparents follow. Lather, rinse, repeat.

VPNs can be useful. They should be used to forcibly encrypting traffic as well as only restricting traffic to known sources, destinations, ports, etc.

Some PHBs think encryption like https is good enough and that simply isn't the case. Systems that have no business connecting to the Internet should be explicitly blocked from doing so. Systems that need to transmit data over the Internet for B2B traffic should do it over a VPN connection whenever possible with restrictions. I have seen too many systems granted open Internet access to download a single file from a business partner.

I'll guess the reason it keeps happening is because most of these systems are not implemented securely. The POS systems themselves may have security issues but I'm guessing that the communications aren't running over VPN tunnels.

I know Target keeps getting the headlines but wasn't there at least two other major retailers hit by this? Did they all use the same POS or contractor for implementation?

I sure hope if this gets modded up it is tagged as Funny.

FF + NoScript + Adblock Plus + Ghostery + Flashblock = I can see the page just fine with no annoying content.

Then explicitly outlaw that behavior because the existing law is not actually working.

Unless laws change to explicitly ban behavior there is little to stop them from creating exceptions to their own policies and procedures.