It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
FireFox Says ATS Connection not Encrypted and not Secured.
page: 3share:
a reply to: Raxoxane
I really don't care much about "the guvernment" knowing who I am, even though it is strange to not have encryption because let's be clear. When you are trying to login into a website you are sending your information which would include your isp. So it is possible without an encryption for any hacker to actually get not only your password and username but your isp as well. This is turn makes it easier for hackers to hack your own pc.
Not to mention the fact that without an encryption for login and for the site you are not really anonymous to anyone who wants to find out who you are.
If ATS does uses SSL, then wouldn't chrome and firefox see that the connection is secure?
I really don't care much about "the guvernment" knowing who I am, even though it is strange to not have encryption because let's be clear. When you are trying to login into a website you are sending your information which would include your isp. So it is possible without an encryption for any hacker to actually get not only your password and username but your isp as well. This is turn makes it easier for hackers to hack your own pc.
Not to mention the fact that without an encryption for login and for the site you are not really anonymous to anyone who wants to find out who you are.
If ATS does uses SSL, then wouldn't chrome and firefox see that the connection is secure?
edit on 17-3-2017 by ElectricUniverse because: add
question.
a reply to: Springer
So what browser are you using? and does ATS use SSL? If ATS does uses SSL, shouldn't sites like ATS complaint to Firefox and Chrome? Because if sites like ATS do use SLL and Chrome and Firefox do not recognize the safe login they are giving a bad image to websites like ATS. Heck, Chrome and Firefox could be liable if their programs don't recognize SLL as safe encryption.
So what browser are you using? and does ATS use SSL? If ATS does uses SSL, shouldn't sites like ATS complaint to Firefox and Chrome? Because if sites like ATS do use SLL and Chrome and Firefox do not recognize the safe login they are giving a bad image to websites like ATS. Heck, Chrome and Firefox could be liable if their programs don't recognize SLL as safe encryption.
originally posted by: 3ncrypt0Rdie
a reply to: yuppa
Seems to me that you may need another dubbie; im likely the guy running your operation, lol just kidding.
I am an American who is trying to make a difference no money involved in any of my post. so far a waste of time actually.
do you have something interesting to add to this conversation?
You missed the part about fixing your firefox. Look you are barking up the wrong tree telling ATS what they need to do to make things more convenient for you to use Firefox.
And Oh noes!! im a american too!! what a coincidence! And really You are on a internet forum. we have nothing but time to waste here.
a reply to: yuppa
It's not Firefox. Not exactly.
Firefox did change how they identify insecure sites, but Firefox is not wonky. It is doing that intentionally.
Firefox 52 Expands Non-Secure HTTP Warnings, Enables SHA-1 Deprecation
Chrome also changed.
Chrome to Label Some HTTP Sites ‘Not Secure’ in 2017
As crime spreads on the Internet, companies continue the battle to attempt to make things safer.
Most sites are increasing security.
It's not Firefox. Not exactly.
Firefox did change how they identify insecure sites, but Firefox is not wonky. It is doing that intentionally.
Firefox 52 Expands Non-Secure HTTP Warnings, Enables SHA-1 Deprecation
The latest iteration of the browser expands in-context user warnings for non-secure HTTP pages with logins. Users will now be confronted with a “This connection is not secure. Logins entered here could be compromised.” message when they try to enter a username and password field on a non-HTTPS page.
Chrome also changed.
Chrome to Label Some HTTP Sites ‘Not Secure’ in 2017
Chrome users who navigate to some HTTP sites will be notified, starting in January, they’re on a site that isn’t secure.
Google said today the browser will begin explicitly labeling HTTP connections that feature either a password or credit card form as non-secure. The company said the plan is its first step toward marking all HTTP sites as non-secure, though it didn’t provide a timetable for the undertaking.
As crime spreads on the Internet, companies continue the battle to attempt to make things safer.
Most sites are increasing security.
edit on 3/17/17 by BlueAjah because: (no reason given)
An SSL certificate is really not expensive.
For $200 or less per year, you can get a decent certificate.
For $200 or less per year, you can get a decent certificate.
originally posted by: jedi_hamster
originally posted by: Springer
a reply to: ElectricUniverse
It's FireFox...
and that means what exactly?
just state the obvious, because some people seem to fail to realize it.
ATS doesn't use any sort of connection encryption and as far as i know, never did. so it's not something new, it never was secure to begin with.
bottom line is, yes, someone can sniff on your connection to ATS and hijack it, at least in theory. random person with no knowledge won't do it, but it's technically possible.
seriously, with let's encrypt certificates being free and comments like that, it feels like you're avoiding ssl on purpose.
I think he already said that the ergonomics involved would be time consuming and costly. He also had said back when the original thread was created, that he may consider it for members. Honestly, in this case the risk vs reward may be a wash. IMHO.
a reply to: charlyv
SSL is not difficult to implement. Not at all.
For less than $200 per year, a few minutes to add the certificate to the server, a couple of lines added to .htaccess files, and a site can be safe.
ETA: well,,, safeR. Nothing is ever totally safe.
ETA: I see one more thing - the URLs in your page content would need to be changed to https. But since that seems to be scripted, it should not be hard to change.
SSL is not difficult to implement. Not at all.
For less than $200 per year, a few minutes to add the certificate to the server, a couple of lines added to .htaccess files, and a site can be safe.
ETA: well,,, safeR. Nothing is ever totally safe.
ETA: I see one more thing - the URLs in your page content would need to be changed to https. But since that seems to be scripted, it should not be hard to change.
edit on 3/17/17 by BlueAjah because: eta
If I use Firefox, I see that on many websites..but not with Chrome
originally posted by: vlawde
If I use Firefox, I see that on many websites..but not with Chrome
Any website that would use http would be flagged. Project says ATS uses basic form encryption, but Firefox says there is no encryption. If Firefox, and Chrome are lying, and ATS does uses basic form encryption, it could mean that because of a false statement made by Chrome and Firefox, ATS and other similar websites could be losing revenue, as there will be people who would decide not to use the website based off the information these browsers are giving. ATS could file a lawsuit if Chrome and Firefox are making false statements about the security of a website that makes money from ads.
Without encryption your ip address, password and username could be hacked.
edit on 18-3-2017 by ElectricUniverse because: correct
comment.
originally posted by: BlueAjah
a reply to: charlyv
SSL is not difficult to implement. Not at all.
For less than $200 per year, a few minutes to add the certificate to the server, a couple of lines added to .htaccess files, and a site can be safe.
ETA: well,,, safeR. Nothing is ever totally safe.
ETA: I see one more thing - the URLs in your page content would need to be changed to https. But since that seems to be scripted, it should not be hard to change.
Um...there's a little more than simply that to adding SSL/HTTPS/TLS to any website at all. It's not precisely a 5 minute job.
There are many considerations to take into account.
Porting from 80 to 443
Mix content considerations HTTP vs HTTPS content
Whether or not there is a complex Proxy cache, encrypted content wont be able to be cached...requiring an ancillary server to handle before/after content
Being in-house proprietary software, all coding will have to be changed to reflect adding SSL/HTTPS/TLS
Mobile encryption concerns
While I'm a fan of secure sockets and encryption in general, you cant make the claim it's a one and done procedure.
originally posted by: jedi_hamster
originally posted by: ANNED
I had the problem on ATS and three other sites.
I rolled back my computer three days and the problem went away.
It was the firefox update that cause this problem.
It did not happen on internet explorer , duckduckgo. yahoo, bing,
This left firefox update as the problem so i did the roll back.
it's like sticking your head in the sand in case of danger.
the warning is there for a reason. throwing away reasonable warning and future security patches, because you can't be bothered to be reminded that ATS isn't using a secure connection? that's silly.
it's not firefox to blame. it's ATS.
In my case i trust my security programs more then firefox.
firefox is not a security company and anyone that believes they are disillusioned and is taking a big risk.
Just curious, but does anyone here believe that they in fact posting anonymously ?
Every byte that is sent is traceable is it not ?
Every byte that is sent is traceable is it not ?
a reply to: alphabetaone
Thanks, but I did mention that they would have to update the content.
But it looks like the content is scripted, so it is not like they would have to update thousands of pages - they would need to update the scripts that generate the pages.
I have changed over web sites to SSL. It does depend on specifics of the web site, but it usually is not a huge deal.
Thanks, but I did mention that they would have to update the content.
But it looks like the content is scripted, so it is not like they would have to update thousands of pages - they would need to update the scripts that generate the pages.
I have changed over web sites to SSL. It does depend on specifics of the web site, but it usually is not a huge deal.
ATS is by no means secure...
The lack of encryption is small in comparison to the major security flaws they have elsewhere.
The lack of encryption is small in comparison to the major security flaws they have elsewhere.
originally posted by: anonfamily
ATS is by no means secure...
The lack of encryption is small in comparison to the major security flaws they have elsewhere.
Great point, this allows for ATS to be a Honey Pot of IP's connected to belief systems and viewing habits of many citizens world wide.
a reply to: 3ncrypt0Rdie
I was actually talking about fundamental design flaws in this message board, and two huge vulnerabilities that exist till this day.
I was actually talking about fundamental design flaws in this message board, and two huge vulnerabilities that exist till this day.
new topics
-
A Warning to America: 25 Ways the US is Being Destroyed
New World Order: 1 hours ago -
America's Greatest Ally
General Chit Chat: 2 hours ago -
President BIDEN's FBI Raided Donald Trump's Florida Home for OBAMA-NORTH KOREA Documents.
Political Conspiracies: 7 hours ago -
Maestro Benedetto
Literature: 8 hours ago -
Is AI Better Than the Hollywood Elite?
Movies: 9 hours ago
top topics
-
President BIDEN's FBI Raided Donald Trump's Florida Home for OBAMA-NORTH KOREA Documents.
Political Conspiracies: 7 hours ago, 27 flags -
Weinstein's conviction overturned
Mainstream News: 16 hours ago, 8 flags -
Gaza Terrorists Attack US Humanitarian Pier During Construction
Middle East Issues: 13 hours ago, 8 flags -
Massachusetts Drag Queen Leads Young Kids in Free Palestine Chant
Social Issues and Civil Unrest: 15 hours ago, 7 flags -
Las Vegas UFO Spotting Teen Traumatized by Demon Creature in Backyard
Aliens and UFOs: 12 hours ago, 6 flags -
Meadows, Giuliani Among 11 Indicted in Arizona in Latest 2020 Election Subversion Case
Mainstream News: 15 hours ago, 5 flags -
2024 Pigeon Forge Rod Run - On the Strip (Video made for you)
Automotive Discussion: 13 hours ago, 4 flags -
Is AI Better Than the Hollywood Elite?
Movies: 9 hours ago, 3 flags -
A Warning to America: 25 Ways the US is Being Destroyed
New World Order: 1 hours ago, 3 flags -
Maestro Benedetto
Literature: 8 hours ago, 1 flags
active topics
-
New whistleblower Jason Sands speaks on Twitter Spaces last night.
Aliens and UFOs • 65 • : Jukiodone -
HORRIBLE !! Russian Soldier Drinking Own Urine To Survive In Battle
World War Three • 50 • : F2d5thCavv2 -
Russia Ukraine Update Thread - part 3
World War Three • 5732 • : F2d5thCavv2 -
The Acronym Game .. Pt.3
General Chit Chat • 7751 • : F2d5thCavv2 -
Salvador Dali's Moustaches
People • 28 • : zosimov -
Is AI Better Than the Hollywood Elite?
Movies • 17 • : ThePsycheaux -
The best Rice dish i've ever tasted... Kimchi Rice
Food and Cooking • 26 • : lamhaocc -
A Warning to America: 25 Ways the US is Being Destroyed
New World Order • 1 • : 727Sky -
Massachusetts Drag Queen Leads Young Kids in Free Palestine Chant
Social Issues and Civil Unrest • 15 • : tarantulabite1 -
America's Greatest Ally
General Chit Chat • 1 • : BingoMcGoof