Posts: 79071
From: From a galaxy, far, far away...
Registered: Apr 2009

posted April 04, 2017 09:56 AM            

---

In one of the latest Firefox updates, a rather annoying thing was added. Whenever you first type your Username and Password at LL, it tells you the site is not secure. You can ignore that pesky little nuisance. What it is saying is that LL isn't a "https" site, but that doesn't matter, because encrypted data isn't needed here. You aren't putting in credit card info. Thankfully, it stops once the cookies take over and automatically enter your Username and Password, because it can really get on your nerves seeing that message block the fields.

IP: Logged

Posts: 79071
From: From a galaxy, far, far away...
Registered: Apr 2009

posted April 05, 2017 04:42 PM            

---

Bump!

IP: Logged

Posts: 386
From: New York, USA
Registered: Sep 2014

posted April 05, 2017 05:58 PM            

---

Good to know, I thought it was my computer acting up.

IP: Logged

Posts: 79071
From: From a galaxy, far, far away...
Registered: Apr 2009

posted April 07, 2017 10:27 PM            

---

lol

IP: Logged

Posts: 79071
From: From a galaxy, far, far away...
Registered: Apr 2009

posted April 10, 2017 11:40 PM            

---

Bump!

IP: Logged

Posts: 79071
From: From a galaxy, far, far away...
Registered: Apr 2009

posted April 13, 2017 12:49 PM            

---

IP: Logged

Posts: 1325
From: The future... or the past. I get them confused...
Registered: May 2014

posted April 13, 2017 01:29 PM            

---

Randall, there are a few good reasons to consider HTTPS even if no sensitive data is being stored. I'd be happy to talk about those with you either here or via private email.

IP: Logged

Posts: 669
From: Sirius
Registered: Jul 2013

posted April 28, 2017 04:44 PM            

---

quote:

---

Originally posted by Gemini Blues:
Randall, there are a few good reasons to consider HTTPS even if no sensitive data is being stored. I'd be happy to talk about those with you either here or via private email.

---

I agree!!!!

IP: Logged

Posts: 79071
From: From a galaxy, far, far away...
Registered: Apr 2009

posted April 28, 2017 10:17 PM            

---

We have a good firewall.

IP: Logged

Posts: 733
From: Dreams
Registered: Nov 2009

posted April 29, 2017 07:28 PM            

---

The point I believe people are making is that when information is transferred online between two parties, in this case; one of us and this website, that information can be intercepted and read by anyone who is capable or wants to.

This happens before it's even behind the firewall of the site. It's between the two, like intercepting a letter in the post before it reaches the address it's going to. Once it's reached it's address, it's fair to say that no one could read it then.

HTTPS encrypts the information whilst it's in transit, so someone who does look at it, will not be able to read it, unless they are really good at cracking encryptions, or have software to do so.

Now we could debate the reasons for wanting this information to be encrypted, but that is a huge topic.

I think the basic suggestion would be, why not make it more secure? Unless it is significantly more costly to do so, there isn't a good reason why not to, as it also makes access to the site more secure.

For example, currently someone could intercept your webmaster login details, and then do what they want to the site.

------------------
Learn lots. Don't judge. Laugh for no reason. Be nice. Seek Happiness. Follow your dreams.

IP: Logged

Posts: 79071
From: From a galaxy, far, far away...
Registered: Apr 2009

posted April 29, 2017 07:35 PM            

---

Passwords ARE encrypted. My tech guys say it's not necessary unless we accept credit cards.

IP: Logged

Posts: 1325
From: The future... or the past. I get them confused...
Registered: May 2014

posted April 29, 2017 10:46 PM            

---

Congress recently passed a bill allowing ISPs to gather traffic from all their customers. The primary reason is so they can see where you go to target advertising. But they are allowed to gather just about anything and build a profile on you, which they may then sell to third parties. They could see the text I'm writing right now, and include it in what they sell. If it were encrypted, they would see I visited this site, but not the text of my post or the texts of the posts I read. At least not without coming here and associating my user name on this site with my device and IP which they know as my ISP.

Something to think about...

I have 25 years in the computer biz, the last 4 as an independent consultant. I used to think the same way as your tech guys. But this isn't 2005 anymore. This is the era of big data. Even the big guys like Google are pushing for all HTTPS. That's why Firefox is flagging non encrypted sites.

IP: Logged

Posts: 79071
From: From a galaxy, far, far away...
Registered: Apr 2009

posted May 02, 2017 09:51 PM            

---

Privacy is still a thing? Facebook has been doing this for years.

IP: Logged

Posts: 1325
From: The future... or the past. I get them confused...
Registered: May 2014

posted May 03, 2017 12:17 PM            

---

Yeah, don't get me started about Facebook...

IP: Logged

Posts: 3930
From:
Registered: Sep 2012

posted May 03, 2017 12:22 PM            

---

everything that people do is already sensed anyway.

for example you find out a guy does something, then you feel, yeah that makes sense.

your mind will try to make you feel. but your heart/spirit already feels how it feels and your mind can not change that, and your heart doesnt care, cause it already knows.

it cared as the person was doing the thing that you just found out about, because as the person was doing that thing, you spiritually felt them doing it, so that is when you felt and experienced what they went through.

IP: Logged

Posts: 79071
From: From a galaxy, far, far away...
Registered: Apr 2009

posted May 05, 2017 09:00 PM            

---

We sell our soul when we use FB.

IP: Logged

Posts: 1325
From: The future... or the past. I get them confused...
Registered: May 2014

posted May 05, 2017 09:08 PM            

---

Truer that you think!

IP: Logged

Posts: 1233
From:
Registered: Sep 2015

posted May 05, 2017 09:36 PM            

---

quote:

---

Originally posted by Randall:
Privacy is still a thing? Facebook has been doing this for years.

---

So wait, you don't respect privacy because Facebook doesn't? That's just great smh

IP: Logged

Posts: 1233
From:
Registered: Sep 2015

posted May 05, 2017 09:38 PM            

---

quote:

---

Originally posted by Gemini Blues:
Randall, there are a few good reasons to consider HTTPS even if no sensitive data is being stored. I'd be happy to talk about those with you either here or via private email.

---

IP: Logged

Posts: 3930
From:
Registered: Sep 2012

posted May 05, 2017 09:40 PM            

---

https://www.linda-goodman.com

"whoa, linda-goodman is encrypted!? it must be some serious business!!"

"yeah man. a bit too serious. think i'm gonna take a hike"

--

*guy acts formal,* "it feels like i'm logging into my bank card" with that https

IP: Logged

Posts: 611
From:
Registered: Feb 2013

posted May 06, 2017 02:42 PM            

---

Anytime email addresses are collected (through log in, password resets), an https connection should be used. What used to happen (and probably still does) is that the email and password credentials would be submitted via plain text (no encryption) and be intercepted. Email info would be used to sniff out what types of accounts (banks,PayPal, or maybe social media) used for that email address and people attempt to reset passwords, get into those accounts and start havoc. I saw it was too often at one of the places I used to work.

To users-If you used sites that are not https often, I'd highly suggest using an email separate from one you use for banking or anything that has sensitive personal information.

Also a quick WhoIs domain name look up can also indicate how a website owner really feels about privacy. Unless it is a country based tld such as .au (Some countries do not allow domain privacy but .coms in any country can)

IP: Logged

Posts: 3930
From:
Registered: Sep 2012

posted May 06, 2017 04:33 PM            

---

LL doesnt use emails anywhere.

so unless you are afraid of being found out that you use LL, for the rare chance someone baught it from your ISP provider, there's not much to worry about, for now

IP: Logged