https://tunein.com/radio/MSNBC-s297990/

I know others watch it for free on websites. I'm not sure if those sites are legal or have viruses. I like tunein and the link is also at MSNBCs website.

TuneIn is live. The podcasts are delayed by an hour or so, but have almost no commercials... Available everywhere there are podcasts.

The "Not Secure" tag means you are using HTTP and not HTTPS.

So what?

HTTP is the original "web" protocol. All the data packets between your computer and the remote site are sent "in the clear". If you were using "HTTPS" all the packets are encrypted.

Well ok, so what?

The Internet is a network of networks. Almost always, your packets are physically sent over more than one network. E.g. from your wifi, to your DSL, to your ISP, to the internet backbone, to the ISP of the server, then finally to the server on the other end. And then back to you.

A lot of people have access to those networks. And can see the traffic on them.

And with HTTP the contents of your packets are not-encrypted, they're in the clear.

With HTTPS, the contents of the packets are encrypted and useless to people evesdropping on the traffic (*).

You should never be using HTTP with a service that should be private (e.g. a bank or checkout page of a store). But HTTP is fine for reading news sources where you don't care who knows it. E.g. listening to MSNBC.

Also with HTTPS there is some "authentication" so you can be reasonably certain that the site you're connected to is the one you intended. E.g. not a different site pretending to be BankOfAmerica.com, ready to steal your login and password and money.

Flagging all "http" sites as "not secure" is a bit of overkill. But it is getting easier and easier to move to https. So this is basically a culture war being waged by the browser makers to get all the major servers to switch to HTTPS.

(*) even with encrypted HTTPS traffic, an eavesdropper can see source and destination addresses. So if you're using HTTPS to connect with (for example) "lets-blowup-the-world.com" ... the contents of your session are encrypted. But the fact that you're communicating with "lets-blowup-the-world.com" is not hidden.

I didn’t want to suggest if it could be harmful.

Hmm, the company is based in Portugal, but with sites that cover many many countries. Interesting!

Mostly it's an aggregate, redelivering content produced by others. But it's clear they have more than a little funding. And if they're evil, it's not getting detected by Apple/Safari. Apple does maintain a list of sites that are black-listed, and those are *much* more difficult to get to accidentally.

Ah, they have about 48 "sites" covering different countries. And 14 of those are using HTTPS.

At some point they should switch all their servers over to use https. It does take a little more cpu time (i.e. $) to encrypt traffic, so I suspect they're just being cheap for now.

Offhand they don't seem too evil, other than making money (with ads) by aggregating other people's conntent (kinda like news.google.com for example).