[The Free Thinker talks about how the best thing about gopher is
that it is unencrypted][0]. He brings up some great points I did not
in my related phlog entry ['Does Gopher Really Need TLS
Encryption'][1], including the insight about how connection
meta-data can be just as revealing as the actual content of one's
gopher traffic.
His points about older web browsers becoming unusable are sadly a
reality for those of us who like to use older hardware and operating
systems. If I could I'd use older versions of Firefox that still had
native gopher support, for example. Gopher is not just for serving
text.
And while gopher is read-only for most users, there are times when
you do need to enter data. The most common is when using gopher
search, but in general use (or abuse) of any item type 7 selector
like with gopher CGI scripts (guestbooks are the most common I see)
applies. If you want to use these securely you can send your
requests over an SSH socks proxy or use Tor browser with a
gopher-to-web gateway, and don't worry about the unencrypted final
hop or two.
If your socks proxy terminates at a large, multi-user pubnix system,
it would be nearly impossible to match packet timings out of all the
outbound traffic these systems generate - and that is _if_ you know
the originating protocol being stuffed down the SSH pipe. Sometimes
the obscurity of gopher is a good thing.
[0]:
gopher://aussies.space/0/%7efreet/phlog/2020-05-31The_Best_Thing_About_Gopher_is_that_its_Unencrypted.txt
[1]:
gopher://gopher.unixlore.net/0/glog/does-gopher-really-need-tls-encryption.md