Since I don't have basic, I can't test but the site doesn't host the ad network and it would appear that that ad network doesn't use https. That is really all that message is telling you.
More garbage from chess.com
Sort:
I know exactly what the message is telling me.
But because chess.com does not care about it's users, I have no way of knowing if there is actual malicious activity going on.
Just one more way chess.com shows total disregard for it's members. But then they only care about the "numbers", whether they are real numbers or not.
Ad-blocker on.
Jan 3, 2018
0
#4
OK, you're free to think that of course 
Not sure how a third party ad network not being hosted over https and/or from the external ad network (which has been the case for very long time), shows the site doesn't care about its members. Even if the ad code was over https, that doesn't stop the ability for it to be malicious (which actually has happened and was fixed).
Funny how I am on numerous sites per day that use Google Ad Services and I do not get that warning. In fact, I just went to 5 sites that had Google Ad Services and none of those sites made Chrome display the warning.
But ok, it is perfectly fine for it to be happening on chess.com. Yeah, sure. Keep thinking that.
Jan 3, 2018
0
#6
The site doesn't use Google ad services as far as I'm aware. Maybe they could host the ad network over https but just because something is hosted on SSL doesn't make it suddenly safe. It just means that the data is encrypted between the source and client, that the site owning the certificate matches the source traffic, and someone in the middle can't get the data (read it). Traffic can still be malicious over the connection.
Understanding what https/SSL actually does and does not do will let me understand that it is fine, in and of itself, for ad traffic not to be encrypted.
edit: looking at the ads while not logged in, it looks like maybe the ads do come from the google ad-network. Looks like they are loading over https though, so don't know what Chrome may be hitting on exactly.
Jan 3, 2018
0
#7
Rsava wrote:
But let me guess, it is my fault?
of course... but it sounds like you already know the score...
Jan 4, 2018
0
#8
Ignore it. An unauthenticated script isn't necessarily malicious. Chess.com make plenty of money from membership fees and would stand to lose a lot more than they could ever hope to gain by deliberately loading malware onto their site and inevitably tarnishing their hard-earned reputation.
Sites that have no obvious source of income are the ones you should be suspicious of!
Love the fact that now Chrome is reporting (when I go to any page on chess.com, after most of the ads load) that "This page is trying to load scripts from unauthenticated sources"
Funny though, when I run an ad-blocker (which I do not like to do since I do not pay for the site) it doesn't happen. I guess i am just forced to do that.
But let me guess, it is my fault?
Love it chess.com.