It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Upgrade the site to be served via https
page: 14
share:
I'm astonished to see that this site, a conspiracy site etc, a home for the paranoid etc would be served via unencrypted HTTP only.
I was going through my saved passwords to delete stuff I don't use anymore and remembered this site.
I believe no one has not heard of the Snowden revelations and how the NSA and others are saving every bit of traffic that is transfered over the internet. But they can't, at least not easily, decode encrypted traffic.
Also encrypted traffic, via https, also verifies that the content that came from one source is authentic and has not been tampered with.
Whereas unencrypted traffic like coming from this site right now is.. let's put it like this, if the NSA would be interested in targeting anyone as a man-in-the-middle attacker, which they're absolutely capable of doing, a website like this would be a good source.
In the past one might've said, "Hey a x509 certificate is expensive, we don't have the money". There's letencrypt. It's mature, automated and free.
You could also say, "Our webserver can't handle the load", to which I'd say "Don't host on a potato". I get it, PHP is a slow language that doesn't scale very well, but I believe the secrecy of your user's password is more important than neglible overhead via https enryption.
Well, of course one should use a dedicated password for every new location. But the reality is different. People are still using the same password for multiple sites. I wouldn't be surprised if you even stored those passwords in clear text, given that the need to encrypt the traffic between your server and your visitors is not being done.
I don't think I have to explain any more. https should be default, always.
I was going through my saved passwords to delete stuff I don't use anymore and remembered this site.
I believe no one has not heard of the Snowden revelations and how the NSA and others are saving every bit of traffic that is transfered over the internet. But they can't, at least not easily, decode encrypted traffic.
Also encrypted traffic, via https, also verifies that the content that came from one source is authentic and has not been tampered with.
Whereas unencrypted traffic like coming from this site right now is.. let's put it like this, if the NSA would be interested in targeting anyone as a man-in-the-middle attacker, which they're absolutely capable of doing, a website like this would be a good source.
In the past one might've said, "Hey a x509 certificate is expensive, we don't have the money". There's letencrypt. It's mature, automated and free.
You could also say, "Our webserver can't handle the load", to which I'd say "Don't host on a potato". I get it, PHP is a slow language that doesn't scale very well, but I believe the secrecy of your user's password is more important than neglible overhead via https enryption.
Well, of course one should use a dedicated password for every new location. But the reality is different. People are still using the same password for multiple sites. I wouldn't be surprised if you even stored those passwords in clear text, given that the need to encrypt the traffic between your server and your visitors is not being done.
I don't think I have to explain any more. https should be default, always.
a reply to: itsthatsow
If you look through Board Business this has been brought up and explained before.
If you look through Board Business this has been brought up and explained before.
originally posted by: Atsbhct
a reply to: itsthatsow
If you look through Board Business this has been brought up and explained before.
Link to the thread?
new topics
-
Project Redsun: NASA's Secret Manned Missions to Mars The Why Files
Space Exploration: 4 hours ago -
President BIDEN Approved Omitting from the Transcript That He Called Trump Supporters GARBAGE.
2024 Elections: 5 hours ago -
Strong and Intelligent women
2024 Elections: 7 hours ago -
Candidate Harris Supporter MARK CUBAN Says Trump Has No Smart-Intelligent Women in His Orbit.
2024 Elections: 8 hours ago -
Colorado voting system passwords didn't start getting changed until after p/w leak became public
2024 Elections: 10 hours ago -
Double Homicide.
Short Stories: 11 hours ago
top topics
-
True Voter Surpression and an attack on a voter in North Carolina
US Political Madness: 15 hours ago, 16 flags -
What Happens if They Manage to Take Him Out BEFORE the Election?
2024 Elections: 12 hours ago, 12 flags -
Candidate Harris Supporter MARK CUBAN Says Trump Has No Smart-Intelligent Women in His Orbit.
2024 Elections: 8 hours ago, 8 flags -
Joe Rogan Experience #2221 - JD Vance
2024 Elections: 12 hours ago, 7 flags -
Colorado voting system passwords didn't start getting changed until after p/w leak became public
2024 Elections: 10 hours ago, 7 flags -
Double Homicide.
Short Stories: 11 hours ago, 6 flags -
Strong and Intelligent women
2024 Elections: 7 hours ago, 4 flags -
From Tribes to Superpowers: The Evolution of Human Societies Toward Global Dominance
New World Order: 13 hours ago, 4 flags -
Innocent until proven guilty.
Rant: 15 hours ago, 3 flags -
Election statistics question
2024 Elections: 15 hours ago, 3 flags
4