8er.org - Not Secure

The message indicates that 8er.org does not use a secure SSL connection with certificate. SSL connections encrypt your activities on a site so information, like login credentials, cannot be stolen by someone 'eavesdropping'. The certificate on its turn provides assurance that you are connected to the same domain as the certificate and not some phishing attempt (*). SSL connections can be recognized by "https" in the URL instead of "http" and many browsers indicate a valid certificate with a green padlock symbol in the address bar.

I don't think it needs explanation why you'd want that for your online banking account. On the other hand you may argue that your online banking information is sensitive data but 8er.org is not. From that perspective it's not really an issue that 8er.org does not use SSL. After all, the world wide web worked fine for almost 27 years with the majority of the websites not having SSL. True, but the world wide web is not the same place anymore. It has become the domain of criminals and mass surveillance by governments.

Over the past years there as been a strong drive to push all websites towards SSL. However, without a valid (authenticated) certificate SSL connections throw warning messages all over the place so a website needs a valid certificate. These are handed out by certificate authorities and traditionally certificates tended to be fairly expensive business. That changed drastically with the birth of Let's Encrypt in 2016 which provides certificates for free. Since then every website owner can get a proper SLL connection with certificate. Let's Encrypt has been welcomed by many hosting providers and many website management tools have been updated with support for it. Today the installation, maintenance and renewal of Let's Encrypt certificates is usually extremely easy.

There's no good reason left why not to use SSL. Even if you believe no sensitive data is being processed SSL does not really bring a downside. The result is that major players are slowly but surely pushing everyone over to use SSL. Browsers will complain more and more about insecure connections and search engines started to rank websites that do not use SSL lower.

So while you should not worry about the "website not secure" message immediately it would be nice of 8er.org to respect the privacy of its users by switching to SSL as well.

Note that for Internet forums it can be quite difficult to even impossible to provide a full SSL experience. Forums like 8er.org allow users to link to images on external hosts which do not use SSL. As a result browsers may not consider the website fully SSL encrypted and not show the green padlock icon or display a warning. That should not prevent the website owner from enabling SSL, though.

(*): With certificates nowadays available to everyone and at no cost, it should be clear that phishing sites can use valid certificates as well. Your online banking website will use an expensive extended validation certificate which means the owner is thoroughly validated (indicated in most browsers by displaying the certificate owner in green next to the padlock symbol). Most other websites cannot afford such certificates and use non-validated certificate types like the free ones of Let's Encrypt. The green padlock by itself is thus not a good indication of website ownership but it shows the connection is fully encrypted.