Connection not secure

....versus connection secure.
For the not secure page, the icon is a lock with a little triangle.

What exactly does "not secure" mean and how does it impact viewing a website?
Is it safe to enter your password and username, in this case my email address?
How about if you wanted to renew membership, sending your credit card info...does SSL work even on a "not secure" page?

I'm just not finding the info I want searching.

Thanks again ATSers!!!!

originally posted by: DontTreadOnMe
What exactly does "not secure" mean

I firmly believe that it means if your computer is a week old or older and is not brand-spanking new, it's out of date and it needs to be replaced with a brand new one. Newer than the one you bought last week. That's what I believe.

I think it's just a money-making racket - a scare tactic to keep you constantly updating your equipment. I, personally, am not so worried about it, at least not as worried as "they" say I should be.

a reply to: DontTreadOnMe

I don’t think I’ve ever sent credit card info on a non https or insecure site. Login and password sure, as long as it isn’t financial. Usually means it can be grabbed and read if you know what you’re looking for, like a 3rd party.

Some people like to pull shenanigans and make fake sites that look real to get info. You could always try to DNS resolve through Quad 9 or AdGuard if you’re curious about the legitimacy of the site. That’s a quick check, or cross reference if anything on that site is buried and watching, a good hosts file could check that for you and automatically block it. Routers with AI protection should block bad sites like this automatically.

It could also be certain advertisements in the site are not “secure” while the rest of the site is fine, or trackers or whatever like images.

What’s it for?

originally posted by: TrulyColorBlind

originally posted by: DontTreadOnMe
What exactly does "not secure" mean

I firmly believe that it means if your computer is a week old or older and is not brand-spanking new, it's out of date and it needs to be replaced with a brand new one. Newer than the one you bought last week. That's what I believe.

I think it's just a money-making racket - a scare tactic to keep you constantly updating your equipment. I, personally, am not so worried about it, at least not as worried as "they" say I should be.

What ?
A new system every week will not be more secure .
Windows 10 Defender does an excellent job at securing a system .
TPM 2.0

But , the major security guard for your system is YOU .

a reply to: DontTreadOnMe

Here you go (although SSL has been TLS since 1999)

TLS

a reply to: TheAMEDDDoc

It's a legit site, one we've visited for some time.
At first our computer said our clock was off.....LMAO
LIke I have any clue what that has to do with anything.

a reply to: DontTreadOnMe

Clock could do it lol with a time mismatch. Certificate error on their end could also be the cause even though it’s fine.

a reply to: TheAMEDDDoc

Except the clock issue shows on various devices, some M$, some KIndle.

a reply to: Gothmog

I'll have to attempt that tomorrow.....brain is too tired tonight, Thanks!!!!!

a reply to: DontTreadOnMe

That’s odd, same network though right? I used to get those issues then set my router to set all my devices in my network to have the same time and get it from the router, it’s through chrony but most routers should let you check or setup an NTP server at the router level. We also DNS resolve at the router now, helps a little with privacy.

If your clock is out of sync, it could make security certificates register as invalid, and not let you connect via SSL.

This can also screw with printer drivers if the sync is out enough.

It doesn't hurt to resync to a time server. just in case.

That being said, most data transmitted doesn't require SSL to work, but if you're doing anything that should be secured, like credit card transactions or banking online it could/will cause problems.

a reply to: DontTreadOnMe

I had this issue very often at my former job.

Did you exchange the router or did something to the firewall so it block NTP time server protocol? It needs this for signing the timeout packages correct. This means that the little data packets your computer sends are considered "old" or "coming from the future". The other computer ignores them then.

I had this issue very often and the fix was to set the time manually inside the VPN router with SSH and then call their local IT and ask who t f disabled NTP on that IP or MAC.

Just an idea

a reply to: DontTreadOnMe

Does this help?

Your connection may or may not be encrypted, e.g. http/https.

A connection must be encrypted to be a secure.

An encrypted connection may or may not be a secure depending on if the certificate chain from the end entity (www.ats.com...) to the signing authority also called the intermediate certificate, and finally to the root certificate. When all these curcumstances exist the secure connection is "trusted".

There are dozens of factors which can make an otherwise trusted connection only secure or encrypted.

Expired certificate. LetsEncrypt certificates are free but they expire every 3 months. Personally i think certs should be renewed every 72 hours but big businesses would go bonkers. Expired certs are arguably the most common reason for degraded security in the context to a connection.

Your clock is set incorrectly. This is usually not a problem with most modern web browsers because if you have an internet connection they dont need your system clock to know wtf time it is. The browser probably knows better than your computer.

The certificate is revoked. # around and find out how quickly they can revoke a cert when you violate teems or openly support gun rights.

Your intermediate certificate is revoked. This has happened to starfield in recent times. If the signing authority fibds their private key for signing gas been compromised then their intermediate certificate is revoked by the root authority and a new private key and intermediate cert is issued.

Your computer does not allow the combination of the protocol and cipher. Remember tls 1.3 vulnerabikuty? Probably not. I dont think you nerd out like me, but thats okay. Basically if a service only negotiated to talk to your computer using that protocol, but your computer is locked down properly, then the connection fails. Or perhaps they only offer strong ciphers and you dont have a security upsate installed to support them you qould have problems.

Or perhaps the webserver is misconfigured. Or the cert does not match the host or other dns names stappled to it. Or there is something wrong with the oscp stapling.

I could probably go on for hours about the reasons certificates fail. The point is to just understand there are 3 parties to a cert, and all must be valid and agree to shake hands to be trusted.

I hope that makes sense cuz im a bit #ed up right now.

originally posted by: drewlander
a reply to: DontTreadOnMe

Does this help?

....

The certificate is revoked. # around and find out how quickly they can revoke a cert when you violate teems or openly support gun rights.


I hope that makes sense cuz im a bit #ed up right now.

To me right now, this is the most logical scenario.
I'll contact the site IT guy tomorrow....and see if they even reply!!!

a reply to: DontTreadOnMe

I can probably tell you exactly whats wrong if you had a more specific question. If i knew the URL i could do my own inspection. If you dont get my attention mandroid7 knows how to find me, lmk if you still have questions.

a reply to: drewlander

THanks.

PM4U

Received and responded.