Surely not too much to ask to have the server running with SSL
Let's Encrypt
Posted 03 February 2019 - 08:42 PM
Posted 04 February 2019 - 08:36 AM
Sure, we exchange lots of sensitive information, I wonder why exactly noone thought of this basic protection.
Wonko
Posted 04 February 2019 - 08:54 AM
Posted 04 February 2019 - 01:42 PM
buy a Save,
I tried shopping for one, but all they had were safes.
https://passnownow.c...-save-and-safe/
http://pediaa.com/di...-safe-and-save/
Wonko
Posted 04 February 2019 - 02:18 PM
---beeeeeep--- wrong, the Network Cable ..
(but you're right, Safe.. for put in and make it save..)
Posted 06 February 2019 - 07:05 PM
Sorry guys, you lost me with all the metaphors...
Lets just get good old tested & working SSL certificate, how about that?
Posted 07 February 2019 - 03:54 AM
you be the once who want change that.. .. so.. in my opinion.. nope..
i work in security.. and with ssl can you do also many things..
it was okey in the last years..
and you have also not many posted, why this changing extra for you ?
Posted 07 February 2019 - 09:40 PM
I'll 2nd this but.....I really dont think we need it. The most sensitive info we exchange with the server would be our passwords, not much else. I totally understand SSL being mandatory on say, a banking website, but here not so much. As for reboot.pro having a valid cert....doesn't it already have one?
I say, if the NSA wants our booting methods, let them have it.I see no harm in them using GRUB4DOS to power up their supercomputers.
Posted 08 February 2019 - 07:46 AM
Good luck to your security customers...
But I suppose there is really nothing here that is of interest, but to very few
Posted 08 February 2019 - 09:36 AM
A couple of reasons I can think of...
1. Chrome now displays a 'not secure' flag on all http:// sites
2. Google ranks http sites lower than https in their search engine results
If it is easy to do, I would think it would be worth doing?
Posted 08 February 2019 - 01:23 PM
I think nobody cares here
Well, most probably more people would care if the request was actually motivated, at least Steve6375 has given a couple (whether relevant or not being of course up to debate) possible reasons why , you didn't yet.
Example:
Idea
Why not encrypting all attachments with PGP and putting up a server for providing the keys to members only, after 2FA?
Wonko
Posted 08 February 2019 - 02:25 PM
I am not even getting into debate with Wonko, as I would never win, some people just know it all...
Posted 08 February 2019 - 03:09 PM
A couple of reasons I can think of...
1. Chrome now displays a 'not secure' flag on all http:// sites
2. Google ranks http sites lower than https in their search engine results
If it is easy to do, I would think it would be worth doing?
in this options do you have right !
easy coming in and tell "hey, why not ssl" without justifications ,
feels like a children .. "mama, i want eat...waheeaaaa"
Idea
Why not encrypting all attachments with PGP and putting up a server for providing the keys to members only, after 2FA?
Wonko
thumps up *lol*
best
Blacky
Posted 08 February 2019 - 03:17 PM
You obviously have experience of needing to justify each & every action.
But some actions do not need justification
It would be valid suggestion if asking to change the forum colour scheme, but NOT to use SSL in 2019
Posted 08 February 2019 - 05:11 PM
Guys, I am more than happy to help here.
Nowadays, it is possible to get a secured while free cert.
It may also be that our hosting platform provides such a service (to be checked).
And, yes, I care
I'll have a word with Nuno and see if this is something to add on the migration to come.
Posted 10 February 2019 - 09:38 AM
I too think that SSL would be useful.
This forum is not for discussing cooking...
Posted 10 February 2019 - 04:01 PM
Posted 01 October 2021 - 09:46 AM
Can we now switch off access on port 80 then?
Posted 02 October 2021 - 05:15 AM
@ Wonko, miummy... Let'z dance 4 the Magareta .. it's seems someone wana cut us from the Mothermilk ..
he just understands not, to be exist an owner of the Magareta, someone should check his ip..
huhh security... i must have scare .. huhh..
so, let say it in short.. sebus, if the forum for you to unsave, must you not use...
for starting a discussion of ssl is stupid at a forum of programmers..
Posted 02 October 2021 - 10:28 AM
Posted 02 October 2021 - 11:51 AM
Naah, it's not really secure.
I mean, I can still access https://reboot.pro/ just fine with my Opera 12.15 (yes I know) on my XP SP2 (yes I know), whilst this OS/browser combo on most other "secure" sites fails with error 40[1].
As an example I just wanted to give 22 UK pounds (plus packaging and shipping) to these people (how can one live without a 4 litre sauna pine bucket[2]?):
https://www.xsvparsi...nd-p-134378.htm
but couldn't even access the page (d@mn error 40), surely, if I could, it would be much more secure.
Wonko
[1] whenever something doesn't work, usually it is "secure", or "modern", or both
[2] complete with an inner plastic bucket, sometimes I wonder how humans survived with all the leaking buckets before plastic was invented
Posted 02 October 2021 - 12:10 PM
Naah, it's not really secure.
I mean, I can still access https://reboot.pro/ just fine with my Opera 12.15 (yes I know) on my XP SP2 (yes I know), whilst this OS/browser combo on most other "secure" sites fails with error 40[1].
As an example I just wanted to give 22 UK pounds (plus packaging and shipping) to these people (how can one live without a 4 litre sauna pine bucket[2]?):
https://www.xsvparsi...nd-p-134378.htm
but couldn't even access the page (d@mn error 40), surely, if I could, it would be much more secure.
Wonko
[1] whenever something doesn't work, usually it is "secure", or "modern", or both
[2] complete with an inner plastic bucket, sometimes I wonder how humans survived with all the leaking buckets before plastic was invented
Hey Wonko,
I'd say if your main problem is about getting error 40 when you are about to buy a "sauna bucket with inner plastic", there are worse situations
And I am pretty sure humanity has been using buckets (or boats made of wood) thousands of years ago (and survived) without "inner plastic".
About security vs usability, it is always the same dilemna.
In your case, using some old browser / OS, your are definitely asking for troubles as many new security features wont be supported at your side.
But for sure I would never enable new security features that would lock you out as reboot.pro without Wonko would not be the same !
Cheers,
Erwan
Posted 02 October 2021 - 03:16 PM
And I am pretty sure humanity has been using buckets (or boats made of wood) thousands of years ago (and survived) without "inner plastic".
... but how would they drink from them?
I mean before plastic straws were invented , don't come to me saying that they used actual straws made out of straw .
Wonko
Posted 02 October 2021 - 03:32 PM
So much pointless discussion about nothing. Just made forced redirection 80 --> 443
So forum is only accessible via SSL
And 1 year certificate costs £6 per year, would you want me to fund it? Be happy to do so!
And if somebody with XP cannot access it, let it be!
0 members, 0 guests, 0 anonymous users