|
|
01-30-2020, 09:23 AM
|
|
|
|
Join Date: Jan 2008
Location: Calgary Perchdance
Posts: 18,892
|
|
If a hacker can see my very strong password is &$perchbonk678&$ and then figures use for everything including tinder, sugarbabies, eBay, Amazon, Shaw and Fanny’s Fabrics then I am royally up the Internet river without a paddle.
__________________
It is not the most intellectual of the species that survives; it is not the strongest that survives; but the species that survives is the one that is able best to adapt and adjust to the changing environment in which it finds itself. Charles Darwin
|
01-30-2020, 01:10 PM
|
|
|
|
Join Date: Jan 2020
Posts: 23
|
|
It does matter to an extent because many of the members on this forum are of an older persuasion or spend most of their time outdoors and are not as tech savy. There are still an amazing number of people that think "password" is a good enough password.
Best practice is to use a different password for every site you visit: good luck with that
Easier is to use a password manager such as Lastpass, Bitwarden, etc. There are several.
If it's a matter of cost for the SSL certificate for the site, they may want to look into "Let's Encrypt", a free opensource SSL Certificate Authority.
CW
|
01-30-2020, 04:04 PM
|
Banned
|
|
Join Date: Jan 2011
Posts: 4,090
|
|
Quote:
Originally Posted by wildcwilly
It does matter to an extent because many of the members on this forum are of an older persuasion or spend most of their time outdoors and are not as tech savy. There are still an amazing number of people that think "password" is a good enough password.
Best practice is to use a different password for every site you visit: good luck with that
Easier is to use a password manager such as Lastpass, Bitwarden, etc. There are several.
If it's a matter of cost for the SSL certificate for the site, they may want to look into "Let's Encrypt", a free opensource SSL Certificate Authority.
CW
|
That was my thinking when I made the original post
|
01-30-2020, 05:18 PM
|
|
|
Join Date: Jun 2014
Posts: 21
|
|
We just had a 3rd party secure our company website and it cost $500. Not sure what the cost is for a large site like this?
|
01-30-2020, 11:02 PM
|
|
|
|
Join Date: Oct 2011
Location: Westerose
Posts: 4,077
|
|
Quote:
Originally Posted by wildcwilly
It does matter to an extent because many of the members on this forum are of an older persuasion or spend most of their time outdoors and are not as tech savy. There are still an amazing number of people that think "password" is a good enough password.
Quote:
Originally Posted by drhu22
That was my thinking when I made the original post
|
|
Problem is, the real problem isn't that "AOF is insecure". The real problem is that people don't know what is and what isn't secure. By your logic, if there was an nice shiny padlock in the address bar every thing would be secure and none of the problems midgetwaiter listed would be an issue. Good luck with that
Fact is, you can't trust the internet! Sure, this site has security issues; but whether those issues extend into other areas of your life is your decision, not the decision of the administrators of this site.
Caveat surfer.
ARG
__________________
In the immortal words of Jean Paul Sartre, 'Au revoir, gopher'.
Quote:
Originally Posted by sjemac
It has been scientifically proven that a 308 round will not leave your property -- they essentially fall dead at the fence line. But a 38 round, when fired from a handgun, will of its own accord leave your property and destroy any small schools nearby.
|
|
01-31-2020, 09:37 AM
|
Banned
|
|
Join Date: Jun 2009
Posts: 1,779
|
|
Quote:
Originally Posted by Au revoir, Gopher
Problem is, the real problem isn't that "AOF is insecure". The real problem is that people don't know what is and what isn't secure. By your logic, if there was an nice shiny padlock in the address bar every thing would be secure and none of the problems midgetwaiter listed would be an issue. Good luck with that
|
This is correct, the lack of SSL is bad but it’s at the bottom of the list IMO. The other less obvious problems are much worse.
|
01-31-2020, 02:58 PM
|
Banned
|
|
Join Date: Jan 2011
Posts: 4,090
|
|
Quote:
Originally Posted by Au revoir, Gopher
Problem is, the real problem isn't that "AOF is insecure". The real problem is that people don't know what is and what isn't secure. By your logic, if there was an nice shiny padlock in the address bar every thing would be secure and none of the problems midgetwaiter listed would be an issue. Good luck with that
Fact is, you can't trust the internet! Sure, this site has security issues; but whether those issues extend into other areas of your life is your decision, not the decision of the administrators of this site. Caveat surfer.ARG
|
Where did I say that a nice shiny padlock is the 'be all and end all'? All I did was bring up the issue and ask why its not being addressed.
|
01-31-2020, 04:56 PM
|
Banned
|
|
Join Date: Jan 2011
Posts: 4,090
|
|
Quote:
Originally Posted by drhu22
Where did I say that a nice shiny padlock is the 'be all and end all'? All I did was bring up the issue and ask why its not being addressed.
|
However... I do think that a website should take more responsibility for its member's security, especially when updates are available, and so many are naive or uneducated on internet safety.
Responsibility should be on members and AOF
Apologies for calling out mods instead of administration as in first post, my bad.
Last edited by drhu22; 01-31-2020 at 05:16 PM.
|
01-31-2020, 05:24 PM
|
Banned
|
|
Join Date: Jan 2011
Posts: 4,090
|
|
|
02-01-2020, 01:22 PM
|
|
|
|
Join Date: Oct 2011
Location: Westerose
Posts: 4,077
|
|
Quote:
Originally Posted by drhu22
Where did I say that a nice shiny padlock is the 'be all and end all'? All I did was bring up the issue and ask why its not being addressed.
|
Would you have thought there was an issue if the padlock had been there?
ARG
__________________
In the immortal words of Jean Paul Sartre, 'Au revoir, gopher'.
Quote:
Originally Posted by sjemac
It has been scientifically proven that a 308 round will not leave your property -- they essentially fall dead at the fence line. But a 38 round, when fired from a handgun, will of its own accord leave your property and destroy any small schools nearby.
|
|
02-02-2020, 09:58 AM
|
|
|
Join Date: Sep 2016
Location: Calgary
Posts: 361
|
|
Personally I don't care about my account on this site. However, I do care about the admin/mod accounts. Over HTTP it would be trivial for a bad actor to intercept their password and mess with the whole site.
For $500 to secure your site that someone mentioned it depends on what needs to be done.
Was your site compromised and you didnt have database or file backups? That's a lot more money to go through and clean the site.
Is your site running on Wordpress or drupal and very outdated? It could cost even more depending on if your stuff will still work on the newer versions.
Is your site ok and just need an SSL? Probably about $100-$200 for the cert and probably 2 hours of labour @ 150/hr with a DNS check thrown in to make sure you have a good SPF record (prevents email impersonation).
Does your host offer automatic free ssl via lets encrypt or cpanel ssl? Then it's just labour @ up to $150/hr of an hour or two max.
|
02-02-2020, 10:02 AM
|
|
|
|
Join Date: Jan 2008
Location: Calgary Perchdance
Posts: 18,892
|
|
Who uses a VPN all the time?
__________________
It is not the most intellectual of the species that survives; it is not the strongest that survives; but the species that survives is the one that is able best to adapt and adjust to the changing environment in which it finds itself. Charles Darwin
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -6. The time now is 12:14 AM.
|