I understand the value of them and why they are so danged hard on occasion, but I still lament having to be exposed to them. Dang it.
Yes, A Secure Socket is an absolute must. But even then it is funny how even a Secure Socket still requires a VPN to be truly secure. Apparently a SSL is not as secure as it is supposed to be. I’m not sure, but if you configure a site to allow both HTTP and HTTPS you could probably be just as secure on HTTP with a just a VPN and no SSL.
But I don’t shy away from sites that are throwing up browser warnings because of bad certificates. It is the new form of censorship of sites. They will throw up a warning to scare you away even though when you push through anyway it turns out the domain does and it is indeed working to create a SSL like it is supposed to. I have noticed a lot of this lately.