Use HTTPS

Have something to say about forums.debian.net itself?

Re: Use HTTPS

Postby Head_on_a_Stick » 2019-07-31 15:02

sickpig wrote:Please edit your post

debiman doesn't post here any more, he can't stand to be on the same boards as me :mrgreen:

He's active over at linuxquestions.org if you want to go and bother him there. Tell him HoaS says [redacted].
Don't break DebianHow to report bugs

SharpBang GNU/Linux — a pre-configured Openbox/Tint2 desktop running on Debian stable
User avatar
Head_on_a_Stick
 
Posts: 10600
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: Use HTTPS

Postby theblueplll » 2019-07-31 22:59

sickpig wrote:
Please edit your post to capitalize Australia. i dont care about the rest of your spellings, grammar or sentence construction but when it comes to nations kindly bear some respect. Thanks.



It actually has nothing to do with respect.
It's proper english to capitalize the first letter to the name of a country.
theblueplll
 
Posts: 154
Joined: 2019-04-29 01:17

Re: Use HTTPS

Postby D2b2426R5d » 2019-08-01 21:55

Can some admin seriously answer the question, what the f*ck is wrong with this forum? no TLS in 2019? Is someone stuck in 90's or something?
D2b2426R5d
 
Posts: 7
Joined: 2015-12-23 10:48

Re: Use HTTPS

Postby 4D696B65 » 2019-08-01 22:04

ask the orange guys
User avatar
4D696B65
 
Posts: 2438
Joined: 2009-06-28 06:09

Re: Use HTTPS

Postby cuckooflew » 2019-08-01 22:37

GoodLuck at getting a reply, but if https is important to you, there are several groups on face book, they are all https :
https://web.facebook.com/debian/
Or this one:
https://web.facebook.com/groups/lifewithdebian/
Personally I trust this site with http, more then I do any site with https, the only thing https does is help trick the visitors into thinking they are more secure, when they aren't.
My grand father knows all about everything:
…one flew east, one flew west,
One flew over the cuckoo’s nest.
cuckooflew
 
Posts: 55
Joined: 2018-05-10 19:34
Location: Some where out west

Re: Use HTTPS

Postby sickpig » 2019-08-02 05:37

theblueplll wrote:
sickpig wrote:
Please edit your post to capitalize Australia. i dont care about the rest of your spellings, grammar or sentence construction but when it comes to nations kindly bear some respect. Thanks.



It actually has nothing to do with respect.
It's proper english to capitalize the first letter to the name of a country.


ur reply has been edited or is altogether new. the earlier one entitled repercussions which Karma will ensure. cheers!
User avatar
sickpig
 
Posts: 317
Joined: 2019-01-23 10:34

Re: Use HTTPS

Postby trinidad » 2019-08-02 20:21

I mean in NIX isn't it like Old Beth's old Empire the big island, or OBoE/tbi; kinda like USA/possessions/pr/vi/guam/etc. compared to say USA/Chicago

Just teasing.

TC
You can't believe your eyes if your imagination is out of focus.
trinidad
 
Posts: 76
Joined: 2016-08-04 14:58

Re: Use HTTPS

Postby sickpig » 2019-08-03 04:13

:D :lol: good one, me like
User avatar
sickpig
 
Posts: 317
Joined: 2019-01-23 10:34

Re: Use HTTPS

Postby yeti » 2019-08-08 11:20

Drop me a PM when this forum has HTTPS...
I'll take a break until then.
"I have a natural instinct for science" — DJ Trump.
"Vrijdag voor VT100!" — Yeti.
"There is no PLANET-B!" — ???
User avatar
yeti
 
Posts: 67
Joined: 2009-03-30 14:22
Location: On vacation until this forum uses HTTPS.

Re: Use HTTPS

Postby cuckooflew » 2019-08-08 16:18

It will be a long vacation, hope you enjoy it.
Honestly , I do not see why people think https is so important, it does nothing to keep your system secure, and as mentioned earlier , if https is so important, there is all ways sites like FaceBook, that use it.
===================
https://authentic8.blog/https-beware-the-false-sense-of-security/
===================
https://www.semrush.com/blog/https-a-modern-false-sense-of-security/

That leads to something else that has all ways been suspicious to me, Why does Google, promote and try to force everyone to use ssl certificates and https ? Any way, enjoy the vacation.
My grand father knows all about everything:
…one flew east, one flew west,
One flew over the cuckoo’s nest.
cuckooflew
 
Posts: 55
Joined: 2018-05-10 19:34
Location: Some where out west

Re: Use HTTPS

Postby Gerowen » 2019-09-17 22:16

It's 2019 and the site still isn't using https...smdh

The point of using SSL is to encrypt the traffic while it's in transit. It seems logical to me that any site that takes input from the user, such as login credentials, would want that information encrypted while it is in transit. Sure, sites using https may embed third party content, malware, etc., but that's not what we're talking about. We're not talking about the safety of this site or the validity of its content, we're talking about a simple and easy to implement feature to enhance the security of how this site operates. Hell, my personal server uses TLS; my personal, in my house server, is hosting its public facing webpage with https enabled. Is it perfect? Does it guarantee that a determined attacker can never gain entry? Absolutely not, but it's sure as shit better than not even trying and using regular http for something that handles user logins. All we're talking about is the very basic concept that a normally functioning website should in some way encrypt and/or otherwise obfuscate user logon credentials while they are in transit over the internet, and using https/SSL/TLS is a simple to implement and industry standard way of doing that.
Gerowen
 
Posts: 146
Joined: 2011-04-11 05:12

Re: Use HTTPS

Postby kopper » 2019-10-14 04:42

cuckooflew wrote:Honestly , I do not see why people think https is so important, it does nothing to keep your system secure

"Nothing" is not the word one would describe something encrypting the traffic between end-used and web service. False sense of security regarding this topic comes from the lack of knowledge, i.e. understanding what is protected and what is not.
cuckooflew wrote:, if https is so important, there is all ways sites like FaceBook, that use it.

This is dumb. Like saying "you can always use sandals with socks if you can't use hiking boots". As if people were using the internet just because you can't use SSL without it.

cuckooflew wrote: That leads to something else that has all ways been suspicious to me, Why does Google, promote and try to force everyone to use ssl certificates and https ? Any way, enjoy the vacation.

This is also dumb. Being suspicious is in many cases warranted, but in this case it seems that you don't have a clear understanding how SSL works and why it is used. Google does many crappy things, but this is not one of them. At least in real world. You may hold up to any conspiracy BS you want in your own imaginary hellhole.

We're almost in 2020. I find it weird, that one of the most basic tool to protect the people from so-much-feared surveillance is ignored by the (allegedly) tech-savvy community. Not having simple, fundamental best-practices in place makes it very hard to uphold any credibility. Even more importantly, it's stating that you don't respect your users enough to go through a few extra steps in your maintenance routine. And yes, not encrypting your users' credentials in-transit is exactly what constitutes as lack of respect. While this is not a service which users' life depend on, at least users should be able to trust that information they give to the service is handled with appropriate care. So many people on these forums seem to whine about big corporations not handling their data up to standards, but at the same time think the same rules don't apply to open-source community.
Debian 9.9 Stable with i3
Secure your stuff: Securing Debian Manual
Don't break your stuff: Source List Management DontBreakDebian
kopper
 
Posts: 133
Joined: 2016-09-30 14:30

Re: Use HTTPS

Postby Head_on_a_Stick » 2019-10-14 15:30

kopper wrote:at least users should be able to trust that information they give to the service is handled with appropriate care

And what information would that be then? This is a public forum, all of the posts are visible even to non-members.
Don't break DebianHow to report bugs

SharpBang GNU/Linux — a pre-configured Openbox/Tint2 desktop running on Debian stable
User avatar
Head_on_a_Stick
 
Posts: 10600
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: Use HTTPS

Postby Gerowen » 2019-10-14 16:01

Head_on_a_Stick wrote:
kopper wrote:at least users should be able to trust that information they give to the service is handled with appropriate care

And what information would that be then? This is a public forum, all of the posts are visible even to non-members.

Usernames and passwords.
Gerowen
 
Posts: 146
Joined: 2011-04-11 05:12

Re: Use HTTPS

Postby Head_on_a_Stick » 2019-10-14 18:57

So you're using the same password everywhere? That's not wise.
Don't break DebianHow to report bugs

SharpBang GNU/Linux — a pre-configured Openbox/Tint2 desktop running on Debian stable
User avatar
Head_on_a_Stick
 
Posts: 10600
Joined: 2014-06-01 17:46
Location: /dev/chair

PreviousNext

Return to Forum stuff & feedback

Who is online

Users browsing this forum: No registered users and 1 guest

fashionable