how is a miner using http secure?

[scar]

how is it secure when a miner is using insecure http to send the user and password?

[1715041430]

1715041430

[xunker]

how is it secure when a miner is using insecure http to send the user and password?

"No Mr. Bond, I expect you to die."

Translation: it isn't.  If you mine in a pool and this fact worries you:

A) ask your pool admins to enable HTTPS urls for miners
B) move to a pool that uses HTTPS for miners
C) move to a pool that allows you to create miner-only passwords (e.g. you can use them in a URL for your miner, but they cannot be used to log in to that pools' web site to change your account, a la bitcoinpool.com)

[randomguy7]

Are there currently any pools which support https for miners?

[thecount]

Either use a unique miner-only password or use a pool that doesn't require a password (eligius).

[cvk]

how is it secure when a miner is using insecure http to send the user and password?

Your miner will be insecure, but that's not a problem as long as you are using a different password for your user account.

If an attacker gets one of your workers' passwords by sniffing your unencrypted HTTP traffic, I think the worst thing he could do is execute a denial of service attack in your name in an attempt to get you banned from your pool.