Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


HTTPS for LET
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

HTTPS for LET

MunMun Member
edited May 2013 in General

I think LET is big enough and profitable enough for a good SSL cert to help protect all of us from nasty things, what do you think?

«13

Comments

  • protect from what ???

  • AmitzAmitz Member

    Ha! I see a "Thanks"-Button before that happens!

  • MunMun Member

    well as of current all traffic is sent in plain text meaning I can theoretically steal your password and take over your account.

  • 24khost24khost Member

    I will keep out of this discussion. Unless @Taz is here!

  • 24khost24khost Member

    Or do what yahoo does and sha1 the password with JavaScript before it is sent over http:

  • KuJoeKuJoe Member, Host Rep

    How many people are paying with credit card for access to LET? HTTPS is a waste of time for a forum.

  • yomeroyomero Member

    Yes, you can steal it if you can reach one of the hops between me and let... not gonna happen, lol

  • I want a spam protection before that and community ban system - ban people by voting them ban for 1 day and if a lot of people press same, you get banned for 1 day.

  • AndreAndre Member

    a good SSL cert

    Is there an issue with using a cheap one?

  • @Mun, You should really understand how internet works.

  • MunMun Member

    @darknessends said: I want a spam protection before that and community ban system - ban people by voting them ban for 1 day and if a lot of people press same, you get banned for 1 day.

    Ironic....

  • MunMun Member

    @darknessends said: @Mun, You should really understand how internet works.

    ....facepalm, what don't I understand now ohhh wise one.

  • KuJoeKuJoe Member, Host Rep

    If a hacker had root access to the LET server, they would disable HTTPS instead of taking encrypted packets.

  • @Mun, brother no offence. This is a forum. It really does not needs too much security unless a lot of incidence of such gruesome act happens. Focus on what @yomero says - You can steal password if you reach a hop between the client user and lowendtalk, that will only happen if we are being routed by one of your servers that is not the case or if you are on same LAN as ours and you use a MITM / ARP Poisoning attack, again which is not the case. Most of the users on LET surfing from their private computers makes it a bit less probable scenario.

  • joepie91joepie91 Member, Patron Provider

    @KuJoe said: If a hacker had root access to the LET server, they would disable HTTPS instead of taking encrypted packets.

    HTTPS is typically used as a transport security layer, not a server security layer. The hops inbetween is what HTTPS is for - both at the carrier level, and on the machine of the user.

  • Especially when signup is free and you can troll, derail and post non sense stuff as much as you can and no body does justice.

  • AndreAndre Member

    @KuJoe said: root access to the LET server, they would disable HTTPS instead of taking encrypted packets.

    Rather than just stealing the DB? wut

  • MunMun Member

    So what if it is a forum?

    Alliedmodders is a forum, and they have ssl. They don't have cash exchanges, they just know it is a better thing to do when you have a large community where a bunch of things go on.

  • @Mun, leave you do not get it. Just do not feel fantasy for implementing any technology anwhere ! It becomes like mongoDb is better than MySQL scenario. Consider the pros and cons as well. Also consider how neccessary it is to implement it. I would love to have you write a common "Thank You" plugin for vanilla and ask @Liam to use it on LET.

  • MunMun Member

    The thank you button has already been written and given to @chief, he just doesn't install it.

  • @Mun, Than you can make a website, like LowEndTalkThankYou.com and build a ranking list all over there, let people signup there, verify from pm here, and let them thankyou each other, use Ajax charts and Node to build beautiful statistics out of it.

  • MunMun Member

    @darknessends said: @Mun, Than you can make a website, like LowEndTalkThankYou.com and build a ranking list all over there, let people signup there, verify from pm here, and let them thankyou each other, use Ajax charts and Node to build beautiful statistics out of it.

    Indeed I could. But I don't really see the point. The Thank you button was meant for comment level, and not for the person all around.

  • @Mun, That could be point for a hot discussion, Raise a thread and lets see how does the LET reacts to idea of ranking, It may lead to a rush to be a more productive and disciplined community rather than Troll Mass Generator.

  • MunMun Member

    @darknessends said: @Mun, That could be point for a hot discussion, Raise a thread and lets see how does the LET reacts to idea of ranking, It may lead to a rush to be a more productive and disciplined community rather than Troll Mass Generator.

    There you go.

  • bdtechbdtech Member

    All that's needed is SSL at login. This will keep you safe enough on public networks.

  • SpencerSpencer Member

    Lets be honest here, even if we needed it, a Mr Somebody would never do it due to his "busy" schedule

  • @Mun said: Alliedmodders is a forum, and they have ssl. They don't have cash exchanges, they just know it is a better thing to do when you have a large community where a bunch of things go on.

    Alliedmodders jumped off a bridge, are you going to do the same also?

  • MunMun Member

    @doughmanes said: Alliedmodders jumped off a bridge, are you going to do the same also?

    No, but the last time I checked SSL isn't committing suicide, killling someone, or involving of death.

  • @Mun said: No, but the last time I checked SSL isn't committing suicide, killling someone, or involving of death.

    You sound quite the expert on SSL, tell us more why you think snake oil should be applied on the forum

  • MunMun Member

    @doughmanes said: You sound quite the expert on SSL, tell us more why you think snake oil should be applied on the forum

    It leaves a gleaming green glow in the upper left hand of your browser :)

Sign In or Register to comment.