Right! I was surprised too! I just noticed it this month! What that means is instead of seeing https:// and having your password and login encrypted, you see http:// and a hacker in between me and sports interaction could get all my info.
I emailed them and they replied with this bull reply:
I posted this to twoplustwo but I don't think anybody cares. (I make my money playing poker, and I enjoy the fact that SIA can still send me a check in about 10 days for a mere 5 bucks, even after black friday). Could Justin or one of the founders here at SBR look into this and contact SIA's management? They won't listen to me, they are just making a BS-email to try and tell me "everything's all right, keep playing with us".Dear XXXXXXXXX,
Thank you for contacting Sports Interaction.
I am following up with you today relating the security of our website. I've spoken with our developers and received a response from them as follows:
The login forms are submitted via https (protecting username/password) but once we’ve processed the login we immediately redirect the client to the normal (non-secure) homepage. Hence, unless the client is using web developer tools, or looks at the html source, they wouldn’t realise that https is being used (it doesn’t appear in the browser address bar at any stage during login).
We're constantly looking at ways to ensure transparency and security to our customers, as we realize this is of importance. Our developers are currently looking at ways to help ease your concerns relating to the display of the login process over https.
As always, we appreciate customer feedback as it helps us to continue to serve our loyal customers such as yourself.
Sincerely,
Hawi
Sports Interaction Support Team
North America: 1-888-922-5575
International: +1-450-635-5575
In the meantime, I recommend that if you still play at SIA, change your password there to be one that is totally unique, and unrelated to any other password. Notice how they cop out and try to say that as soon as you enter your login you are redirected to an https - no you are not - you start with http and end with http! Even when you're logged in it's still http! This is driving me crazy!
Did web developers find a way to hide the "s"? I don't think they did. This is the way I've been taught how the internet works since day 1 I used the web.