Security

geegad

Can't cheat fate..
Joined
Mar 7, 2010
Messages
2,066
Likes
473
Points
83
First Name
John
#1
Just come back to this site but why does it keeps saying at the top that the site is not secure and showing a warning sign.
 

John

Administrator
Staff member
Administrator
Moderator
Joined
Mar 4, 2004
Messages
3,637
Likes
510
Points
113
#3
It doesn’t say it at the top of my screen, but it isn’t secure, it doesn’t have a SSL (HTTPS) installed.
 

Pete Low

"Toon Technician"
Joined
Apr 10, 2017
Messages
1,117
Likes
1,168
Points
113
Location
Surrey.
First Name
Pete
#4
Hi, I to have the same problem as John, site not secure and a warning triangle sign ?
Happen in the last hour check everything my end can't find any fault?
Pete
 

stillp

SMF Poster
Joined
Nov 17, 2016
Messages
1,197
Likes
646
Points
113
First Name
Peter
#5
Don't worry about it! You're not going to be buying anything on the forum are you?

Pete
 

stillp

SMF Poster
Joined
Nov 17, 2016
Messages
1,197
Likes
646
Points
113
First Name
Peter
#6
If you go to the shop, you'll see the https, showing that it is a secure site.

Pete
 

John

Administrator
Staff member
Administrator
Moderator
Joined
Mar 4, 2004
Messages
3,637
Likes
510
Points
113
#7
The forum doesn’t need to be secure.
 

rtfoe

SMF Poster
Joined
Apr 29, 2018
Messages
1,037
Likes
1,044
Points
113
Location
Malaysia
First Name
Richard
#8
Oh good ...for a while there I thought there was something wrong with the site or my security system.

Cheers,
Richard
 

geegad

Can't cheat fate..
Joined
Mar 7, 2010
Messages
2,066
Likes
473
Points
83
First Name
John
#10
Ok that's for clearing that up and many thank for the speedy answers
 

Jakko

SMF Poster
Joined
Apr 28, 2018
Messages
1,293
Likes
659
Points
113
First Name
Jakko
#11
The forum doesn’t need to be secure.
It does if Google has anything to say about it. They’ve been
You do not have permission to view link Log in or register now.
, regardless of what’s on it, and I seem to remember they intend for Chrome in future to block any that don’t.

Common sense is what’s needed, really: if your browser tells you a site isn’t secure, ask yourself, “Am I going to enter any sensitive information on it?” If not, you can ignore the warning. For example, with a forum like this, anyone eavesdropping on visitors will only really get usernames and passwords to the forum. As long as you don’t use those same names and passwords for important sites (like your bank, PayPal, etc.) there’s no real danger — at worst, someone could impersonate you here on this forum.
 

BarryW

SMF Poster
Joined
Jul 23, 2011
Messages
2,322
Likes
1,287
Points
113
Location
Dover & Hythe
First Name
Barry
#12
There is this push to have security certificates on sites. On my business site, which is just an online brochure site and means of contact I have has to buy a certificate to stop the security alert. There is no real reason to need one but people get worried if they see that. The cost was about £25 from memory but at least visitors to the site won’t be put off by it.
 
Joined
Apr 28, 2018
Messages
2
Likes
1
Points
3
First Name
Andrew
#13
at worst, someone could impersonate you here on this forum.
potential is to take the password & user identity of any account so that means a threat actor could become a John or an Ian m. I'm sure they have some interesting abilities that we do not.

If there is the potential to modify the content that is presented to you to include malware then there is a lot more at risk than just impersonating someone, even if the risk is limited to the potential of impersonating someone, could I use that to some advantage? maybe.
 

Jakko

SMF Poster
Joined
Apr 28, 2018
Messages
1,293
Likes
659
Points
113
First Name
Jakko
#14
potential is to take the password & user identity of any account so that means a threat actor could become a John or an Ian m. I'm sure they have some interesting abilities that we do not.
True, but that’s not an issue for you and me, the regular visitors of this site who (may) get a warning from their web browsers that the site isn’t secure.
 
Joined
Nov 22, 2018
Messages
8
Likes
1
Points
3
First Name
Simon
#15
The forum doesn’t need to be secure.
Hi @John , in light of GDPR you may want to have a think about that, whilst the forum does not store "sensitive" personal data, it does store email addresses and if someone has entered date of birth, location etc. it stores personal data that can be used to identify a data subject. In the event of a data breach you'd be on a very sticky wicket arguing with the information commissioners office that a site that stores personal data that can be used to identify a subject does not need to be secure. The penalties are pretty draconian.

It's a low risk since I don't think the forum is very high on Moscow's target list and the ICO are after the banks etc. but thought you may appreciate the heads-up.
 

John

Administrator
Staff member
Administrator
Moderator
Joined
Mar 4, 2004
Messages
3,637
Likes
510
Points
113
#16
The forum is secure, it's just Google browser saying it hasn't got an SSL, the forum is always up to date with the latest patches, having an SSL wouldn't stop any real hacker getting in, just ask the many big companies and governments that have been hacked.

I will change the GDPR text to reflect this, if people don't want to use the forum because of this then that's fine.
 
Top