Author Topic: Insecure Connection  (Read 57 times)

lepus

  • Regular Member
  • **
  • Posts: 35
  • Human Being
Insecure Connection
« on: April 17, 2017, 02:48:11 AM »
Recently, my updated Firefox has begun to warn me about insecure login connections to forums and messageboards with:
Quote
movsd.com
Connection is Not Secure
Logins entered on this page could be compromised.
It is apparent that the login name and password are not transmitted over a secure connection and could be intercepted and read by an intermediate node. Is it doable to have look at this? Is it easy or complicated to implement a https connection for the login procedure?

hutch--

  • Administrator
  • Senior Member
  • *****
  • Posts: 505
  • Bespoke Snippers
Re: Insecure Connection
« Reply #1 on: April 17, 2017, 03:41:21 PM »
It is based on requiring a certificate which only costs a fortune, a technique of leverage marketing to extract more money out of site owners. Interesting as Firefox is freeware. I personally use a Google clone that has far better security "Slimjet 64 bit" and I don't see the problem.
The magnificent tools of the professional tailor
http://www.movsd.com/tailors_shears/  ;) ;D

Schneiderfrei

  • Research
  • Senior Member
  • ****
  • Posts: 299
  • Resembles Human Being
Re: Insecure Connection
« Reply #2 on: April 17, 2017, 10:24:21 PM »
I am glad you mentioned this Hutch.  I have recently tried out firefox.  I would like to give another a go.

Schneiderfrei

  • Research
  • Senior Member
  • ****
  • Posts: 299
  • Resembles Human Being
Re: Insecure Connection
« Reply #3 on: April 17, 2017, 10:51:15 PM »
Goodness Hutch, that is snappy. :)

hutch--

  • Administrator
  • Senior Member
  • *****
  • Posts: 505
  • Bespoke Snippers
Re: Insecure Connection
« Reply #4 on: April 17, 2017, 11:28:17 PM »
I re-checked to make sure but there are no settings in the forum software to handle secured connections and in any case, this forum does not require secured data as it does not collect payments or any other form of remuneration. Personal data is both secured and encrypted by default in the forum software so even if someone could work out how to hack the server that this forum is on, they would have a terrible time trying to access the data base.

Look for the settings in any browser you choose to use and make an exception for any forum you wish to log onto. If the browser does not have that option, use another browser.
The magnificent tools of the professional tailor
http://www.movsd.com/tailors_shears/  ;) ;D

hutch--

  • Administrator
  • Senior Member
  • *****
  • Posts: 505
  • Bespoke Snippers
Re: Insecure Connection
« Reply #5 on: April 17, 2017, 11:38:35 PM »
Just for your amusement, a few years ago I got a complain from my server provider that some bunch of vigilantes in Germany had scanned the server and found an infected file. The file dated about 1997 and was an old programming language source file that had been zipped. These morons identified a trojan that dated about 2012, something like 15 years after the old zip file was created so it was impossible for the old zip file to be infected.

For having wasted my time, I asked my server provider to send my response back to them which advised them to actually check the file date of the zip file and actually learn what file specifications were about including the Microsoft Portable Executable specifications instead of trusting some crappy AV scanner that was dropping false positives. Predictably we did not get a response back.  ;D
The magnificent tools of the professional tailor
http://www.movsd.com/tailors_shears/  ;) ;D