Forum: Feature requests



Suggestion: an encrypted connection for logins and profile information changes

bio:pippa222 wrote about this in a comment to the BookMooch Barter message below ( Bookmooch Barter#comment_1 ), but it certainly merits its own message.

Would it be possible to upgrade the BookMooch internet connection (http) to a secure, encrypted one (https), at least when we're logging in and changing our profile information?

That way we wouldn't have to worry that other people might grab our internet traffic and see our BookMooch passwords and other sensitive information (like home addresses) in the clear, when logging in and changing our profile information while using BookMooch on open wi-fi networks. I know it's quite unlikely that this would happen, but as long as BookMooch is using only an unsecure connection from users' computers to its servers, it's certainly a possibility. Thanks.


Taneli T
13 years ago

Comments



Taneli,

There has actually not yet been a single reported case of a member's account being hacked.

The reason, of course, is that there is no financial information of any kind to be gained by doing so. Sites that employ more security at log-in often do contain such data.

In fact, the only thing hidden is one's password, everything else (mailing address and e-mail that is) is sent upon each mooch request.

If one does choose to help support Bookmooch through a donation, that is done through a secure Paypal connection, and that financial info is in no way linked to Bookmooch, it remains with Paypal.

mark
13 years ago
Mark, thanks for this information. It's nice to know that there have been no problems in this regard.

I understand that getting an authoritatively signed certificate, which is required for establishing a secure HTTPS connection, might cost something. On Wikipedia it's estimated to cost between $13 and $1500 a year. http://en.wikipedia.org/wiki/HTTP_Secure#Server_setup

Is not having this feature an issue of cost or is it that this feature is just not considered to be important? Or are there maybe technical issues/challenges in implementing it?

Taneli T

Taneli T
13 years ago
Yes, cost and complexity are the reason. As a non-commercial site relying entirely on donations, an extra $1000 per year is a _lot_. Also, because we use Amazon for book covers, and that isn't https protected (Amazon doesn't support that), some browsers would pop up warnings about the page only being partially encrypted, and that would cause other complaints.
John Buckman
13 years ago
Thanks for the explanation, John. That makes sense.
Taneli T
13 years ago
