It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

no secure login

page: 1
0

log in

join
share:

posted on May, 23 2008 @ 03:01 AM
link   
why?

[edit on 23-5-2008 by Greek]




posted on May, 23 2008 @ 03:40 AM
link   
Why do we need one?

No one is putting personal info about themselves in here.

No payments are being made from here.

The site is openly searchable to all the major search engines, with the exception of RATS.

Anyone with websense would know to use different passwords for different sites.



posted on May, 28 2008 @ 06:18 AM
link   
the username and password is sent without being encrypted first. that means that it can be easily obtainable.

don't you care about the security of the members and yours?

what if the server(s) get hacked? is anything server-side being encrypted at all?

[edit on 28-5-2008 by Greek]



posted on May, 28 2008 @ 06:50 PM
link   
Just if you use firefox for a browser download keyscrambler..it encrypts the password down to the kernel mode.



posted on May, 28 2008 @ 07:03 PM
link   
Here's a blast from the past where the idea was discussed. It is one of SO's threads.


www.abovetopsecret.com...



posted on Jul, 22 2008 @ 08:47 PM
link   
alienstar,

keylogging prevention has nothing to do with my question.



posted on Jul, 22 2008 @ 08:50 PM
link   
alienstar,

keylogging prevention has nothing to do with my question.



posted on Jul, 22 2008 @ 08:56 PM
link   
reply to post by Greek
 


Why would ATS have one?

I haven't seem one forum, or any site that doesn't hold banking/credit info on the site, for that matter, that does have secure logins.



posted on Jul, 22 2008 @ 09:07 PM
link   
Did you have a suggestion for us?



posted on Jul, 22 2008 @ 09:23 PM
link   
oh crap , here we go again


ok you " expurts " - please tell use EXACTLY what a ` secure login ` would acheive

in breif - a ` secure login ` would only protect your password

what can someone do with your ATS pasword ?

1 - they can post " as you "

2 they can read your U2U

and THAT IS IT

if you are so paranoid that you believe that ATS needs ` secure login ` then i doubt you even use the ATS unsecure U2U for anything

and if ` they ` attempt to " post as you " who will it fool ?

bottom line - is that in 6 years of operation and 100K + members has ANYONES id been comprimised ?



posted on Jul, 22 2008 @ 09:30 PM
link   
There's no such thing as secure anything on the net..not even from all the security programs that claim they protect you.

I finally just accepted it and quit trying to secure and cloak. You have the standard for gov and corporations that are protected by network engineers round the clock. Then there is the standard for the civilian...pretend all the security programs protect you.



posted on Jul, 22 2008 @ 10:51 PM
link   
I think I am as security conscious as anyone. It was my profession for a while; but I think if we truly want security, we must take responsibility for providing it for ourselves.

If you think it will increase the number of subscribers, posters, etc... then go for it.

I intend to be here until you tire of my online company.

Ain't skeered.



posted on Jul, 22 2008 @ 11:44 PM
link   
IF someone is targeting you, and attempting to steal your passwords, I suggest that your ATS login is probably the least of your worries.


A more significant worry -- someone is tracking your IP address. That is definitely happening at many of the sites you visit. That is a more revealing signature than anything I can think of -- including all the posts you may be making here and other places.



posted on Jul, 23 2008 @ 09:17 AM
link   

Originally posted by Greek
the username and password is sent without being encrypted first. that means that it can be easily obtainable.

In the seven years of operation of ATS using the existing legacy of the XMB software, there has been only one occurrence of known account hijacking, and that was due to a published exploit in the core code base.

Since then, the data structure and code base has been so significantly modified as to be a 100% custom solution.

Additionally, we have a third-party security specialist firm constantly monitoring the security logs of our server and proactively ensuring the environment is highly secure.

The idea of a secure socket for ATS (https) has been floated several times, but the added load on the servers and performance degradation all users would experience is overkill in my opinion.



new topics

top topics



 
0

log in

join