AK site and login unsecure warning messages

I'm on a MacPro and I get warning in Firefox 52.0.1 when I log in here ...

Screen Shot 2017-03-18 at 10.25.13 AM.png
 
Last edited:
I'm on a MacPro and I get warning in Firefox 52.0.1 when I log in here ...

View attachment 890617
Yep gonna see this a lot of places.

Again just to be somewhat clear about the facts.

1. AK does not have SSL enabled by default and its not as easy as it seems because images and other linked "AK Site" elements need to be all SSL.

2. Your connections are no less secure than before the Firefox update.

3. Yes SSL is an improvement over non SSL but this is being forced down peoples throats by Mozilla etc who surprise are also behind Lets Encrypt. https://letsencrypt.org/sponsors/

4. Free SSL is not really "Free" because it relies on a Organization keeping its word to keep it Free and there is a back end administrative overhead to implement Lets Encrypt.

5. Centralized SSL everywhere is nice except the part where the CA that is used can be compromised and also can be utilized by organizations both governmental and otherwise for spying on you.

Frannie
 
Yep gonna see this a lot of places.

Again just to be somewhat clear about the facts.

1. AK does not have SSL enabled by default and its not as easy as it seems because images and other linked "AK Site" elements need to be all SSL.

2. Your connections are no less secure than before the Firefox update.

3. Yes SSL is an improvement over non SSL but this is being forced down peoples throats by Mozilla etc who surprise are also behind Lets Encrypt. https://letsencrypt.org/sponsors/

4. Free SSL is not really "Free" because it relies on a Organization keeping its word to keep it Free and there is a back end administrative overhead to implement Lets Encrypt.

5. Centralized SSL everywhere is nice except the part where the CA that is used can be compromised and also can be utilized by organizations both governmental and otherwise for spying on you.

Frannie



Very interesting. Thanks for this share.:thumbsup:

Q
 
...that said...it is (however crudely) bringing awareness to the "rube" populaces at large.
This is true. I know that site admins like myself (like @buglegirl says) don't like having this shoved down our throats. But what can we do? I have users freaking out on some sites because of this. Thanks to firefox especially, it's panic time for some users out there. "I feel so unsafe" was one comment I saw. "Onoz, we're being hacked!!" seems to be another misconception floating around. (Seriously. I have end users like this.) And then because of firefox, we're spending less time working on a solution, and more time having to explain it all. It's been a friggin' headache for me since this little warning came along.

I have wanted to run sites via SSL for years, but in the past it was due to certificates being expensive to purchase and difficult to implement (in terms of configuration, so it is not throwing all sorts of errors at the end users, and sites are redirecting properly). The last site I converted to SSL is barely used, yet I still find things that are "broken" due to the old "http" URL being baked into so many places in a configuration. Thankfully it is a test case, and I'll know what to take care of next time. Yet it's just one more friggin' headache for us...
 
That's because Macs can't get PC viruses ...

Anybody see that commercial yet? Sure ... they just get Mac viruses! <G>

I just turned off Firefox updates on my HTPC. Currently locked in on v54. Here's hoping Avast and Ghostery are up to the task of keeping things clean ...

PS ... there's a good reason why FF is fast losing users ... switched to Chrome on this machine some time ago.
 
Last edited:
Hiya,

PS ... there's a good reason why FF is fast losing users ... switched to Chrome on this machine some time ago.

That be your funeral. If you think Google is your friend and Chrome is anything but a data collection machine for them well there is some land I have to sell.

Not that Firefox is some prize but at least its not connected to a evil search engine Colossus.

Frannie
 
PS ... there's a good reason why FF is fast losing users ... switched to Chrome on this machine some time ago.
I haven't used firefox since 2010, when I built up a new computer and never reinstalled it. Got tired of the bloat and the memory leak issues. ;)

That's because Macs can't get PC viruses ...

Anybody see that commercial yet? Sure ... they just get Mac viruses! <G>
True dat. :D The old "macs can't get viruses" is the worst old urban legend ever. As an IT guy, and like any IT guy worth his weight in DDR3 RAM modules, we automatically assume that all unsecured devices are unsafe. Attackers will go after the most popular of devices because they make the most impact. I know just from following a few mailing lists that there are plenty of exploits out there even for Linux-based OSes, despite some users saying they "can't be infected." Bullpoop. Our web servers are patched continuously (and I've never seen so many patches in my life as I have for Ubuntu--it's a continuous stream of patches), yet we've never had an issue because the host is on top of it. Servers I manage completely myself are tight, I update things continuously, and I have a lot of monitors in place to alert me within a minute if there is an issue.

And if there were no "bad guys" out there, this entire discussion would be moot. :D
 
buglegirl said:
The issue is that more and more when you login to sites (Not Just Here) they will require ssl for security.

There is NO REASON TO FORCE SSL ON A SITE LIKE THIS!!!!

It can cause problems for some browsers and they will not be able to connect IF HTTPS IS FORCED....

Please do not drink the koolaid!!!!!
 
There is NO REASON TO FORCE SSL ON A SITE LIKE THIS!!!!
DAMN STRAIGHT!!!

This new fangled Internets really borks how I roll. :mad:

7.0.png
 
There is NO REASON TO FORCE SSL ON A SITE LIKE THIS!!!!

It can cause problems for some browsers and they will not be able to connect IF HTTPS IS FORCED....

Please do not drink the koolaid!!!!!
Actually yes there is because people using modern browsers will eventually be locked out of signing on at this rate.

And please don't use the argument that IE 6 and Windows 98 is all anyone needs.

Frannie
 
Hiys,

To clarify enabling SSL on this site to satisfy browsers that complain about it does not mean that non SSL will stop functioning with crappy older browsers.

Now somewhere in the future maybe all sites will be forced to go to SSL for whatever reason and what do you Luddites do then ??

We admins don't make these rules and we certainly take a lot of abuse as if we do.

EDIT: To clarify. When I say "Admins" I am not saying that I am an admin of this site because I am not. I am just generalizing.

Frannie
 
Last edited:
I know frannie..... Nothing wrong with having HTTPS for users that want it....

cellar.org has an HTTPS layer but they dont force it,you can still go there reg www.cellar.org if you want to... (VBB)

and some sites have CLOUDFARE and they have RC4 enabled so all browsers can connect... (davidicke.com/forum is one)
 
Back
Top Bottom