Hacked or paranoid?

[AnotherQuestion]

When I log into Cryptsy it shows the padlock on the address bar for https for a few seconds, then the padlock disappears. When the padlock is there if I click on the address bar it says "website does provide identity information" ... "Project investors"... "Certificate by Comodo" etc. When the padlock disappears it says "this website does not provide identity information". The address in the bar is always https cryptsy.com.

[1714666182]

1714666182

[1714666182]

1714666182

[1714666182]

1714666182

[1714666182]

1714666182

[1714666182]

1714666182

[1714666182]

1714666182

[coinpr0n]

Padlock doesn't disappear for me, perhaps you just have a misconfiguration. Maybe a browser plugin interfering with something? Have you tried using a different browser to see if you still had the problem?

[defcon23]

Padlock doesn't disappear for me, perhaps you just have a misconfiguration. Maybe a browser plugin interfering with something? Have you tried using a different browser to see if you still had the problem?

yup.. looks like a browser problem.. at first look.. 

[dothebeats]

When I log into Cryptsy it shows the padlock on the address bar for https for a few seconds, then the padlock disappears. When the padlock is there if I click on the address bar it says "website does provide identity information" ... "Project investors"... "Certificate by Comodo" etc. When the padlock disappears it says "this website does not provide identity information". The address in the bar is always https cryptsy.com.

Tried to log in in cryptsy. The padlock that you're stating is still in there. Nothing weird happening compared to what you're talking about. May I know what browser are you using and what plugins do you have in that browser? Maybe it's a browser problem because I can login and access cryptsy smoothly.

[AnotherQuestion]

Padlock doesn't disappear for me, perhaps you just have a misconfiguration. Maybe a browser plugin interfering with something? Have you tried using a different browser to see if you still had the problem?

It happens on several browsers. Here is an image.

http://i60.tinypic.com/2pr7884.jpg
Or
https://i.imgur.com/iXSMTXb.jpg

I should add I live in a country where government surveillance is famously intrusive and the government makes no effort to hide the fact that it monitors my electronic communications. The internet connection I use is not secure at all.

[defcon23]

Padlock doesn't disappear for me, perhaps you just have a misconfiguration. Maybe a browser plugin interfering with something? Have you tried using a different browser to see if you still had the problem?

It happens on several browsers. Here is an image.



I should add I live in a country where government surveillance is famously intrusive and the government makes no effort to hide the fact that it monitors my electronic communications. The internet connection I use is not secure at all.

you should upload your pictures here: https://imgur.com instead of what you're using yet.. 
Cheers! 

[guitarplinker]

I should add I live in a country where government surveillance is famously intrusive and the government makes no effort to hide the fact that it monitors my electronic communications. The internet connection I use is not secure at all.

If you feel that your internet browsing is being watched, you could invest in a VPN. Most only cost a few dollars per month, but allow for secure browsing.

[Amph]

Padlock doesn't disappear for me, perhaps you just have a misconfiguration. Maybe a browser plugin interfering with something? Have you tried using a different browser to see if you still had the problem?

It happens on several browsers. Here is an image.

snip

I should add I live in a country where government surveillance is famously intrusive and the government makes no effort to hide the fact that it monitors my electronic communications. The internet connection I use is not secure at all.

are you sure you are not infected in some way? you should do a scan with multiple antivirus/anti-rootkit/anti-malware

usually there are insecure link, when this appear, you could have some insecure connection going on

[shorena]

sha1 fingerprint for cryptsy.com cert should be:

Code:

‎50 d2 75 62 0a 0e 98 17 13 bb 6a 00 fa 95 d2 cc 6d 5f 1e 1c

In case of a MITM it would be different.

You could also try to install HTTPS everywhere[1] and enable SSL Observatory[2] in order to let the plugin check whether the SSL cert is valid or not.


[1] https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp
[2] https://www.eff.org/observatory

[AnotherQuestion]

are you sure you are not infected in some way? you should do a scan with multiple antivirus/anti-rootkit/anti-malware

usually there are insecure link, when this appear, you could have some insecure connection going on

Nothing shows up on antivirus, Comodo, McAfee, have tried others. Even immediately after reinstalling the operating system Malware bytes warns that its anti root kit driver cannot load. There is quite a bit of other evidence of a problem with my internet connection, I am just asking opinions about the risk with Cryptsy specifically. I use an SMS protected email and phone SMS to log into cryptsy but once I logged in and it went straight to the logged in area before I even entered the SMS. I have a screen grab of the message it showed on another device and will upload that when I can. Is it possible Cryptsy's SMS service was down briefly and it bypassed the SMS authentication because of reasons on the Cryptsy side?

[AnotherQuestion]

sha1 fingerprint for cryptsy.com cert should be:

Code:

‎50 d2 75 62 0a 0e 98 17 13 bb 6a 00 fa 95 d2 cc 6d 5f 1e 1c

In case of a MITM it would be different.

You could also try to install HTTPS everywhere[1] and enable SSL Observatory[2] in order to let the plugin check whether the SSL cert is valid or not.


[1] https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp
[2] https://www.eff.org/observatory

Google has a very bad reputation for me,  as bad as Baidu etc for spying, but your comment did turn out to be helpful. Thanks.

[notlist3d]

sha1 fingerprint for cryptsy.com cert should be:

Code:

‎50 d2 75 62 0a 0e 98 17 13 bb 6a 00 fa 95 d2 cc 6d 5f 1e 1c

In case of a MITM it would be different.

You could also try to install HTTPS everywhere[1] and enable SSL Observatory[2] in order to let the plugin check whether the SSL cert is valid or not.


[1] https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp
[2] https://www.eff.org/observatory

This would be my biggest worry if you are using wifi not your's and they are stripping ssl out. 

Are you using your own wifi or was this done somewhere elese?  Just as a good rule no one should trust AP that are like "Free Wifi" "Free Internet", etc.   It is sad but a rogue ap is getting cheaper and cheaper.

[coinpr0n]

Padlock doesn't disappear for me, perhaps you just have a misconfiguration. Maybe a browser plugin interfering with something? Have you tried using a different browser to see if you still had the problem?

It happens on several browsers. Here is an image.


Or


I should add I live in a country where government surveillance is famously intrusive and the government makes no effort to hide the fact that it monitors my electronic communications. The internet connection I use is not secure at all.

Aren't those web browsers you're using exactly the same? I meant try a totally different browser to test.

[randy8777]

are you sure you are not infected in some way? you should do a scan with multiple antivirus/anti-rootkit/anti-malware

usually there are insecure link, when this appear, you could have some insecure connection going on

Nothing shows up on antivirus, Comodo, McAfee, have tried others. Even immediately after reinstalling the operating system Malware bytes warns that its anti root kit driver cannot load. There is quite a bit of other evidence of a problem with my internet connection, I am just asking opinions about the risk with Cryptsy specifically. I use an SMS protected email and phone SMS to log into cryptsy but once I logged in and it went straight to the logged in area before I even entered the SMS. I have a screen grab of the message it showed on another device and will upload that when I can. Is it possible Cryptsy's SMS service was down briefly and it bypassed the SMS authentication because of reasons on the Cryptsy side?

try scanning your system with hitman pro. while others may not find anything, hitman pro will if your system contains a virus.

[AnotherQuestion]

sha1 fingerprint for cryptsy.com cert should be:

Code:

‎50 d2 75 62 0a 0e 98 17 13 bb 6a 00 fa 95 d2 cc 6d 5f 1e 1c

In case of a MITM it would be different.

You could also try to install HTTPS everywhere[1] and enable SSL Observatory[2] in order to let the plugin check whether the SSL cert is valid or not.


[1] https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp
[2] https://www.eff.org/observatory

This would be my biggest worry if you are using wifi not your's and they are stripping ssl out. 

Are you using your own wifi or was this done somewhere elese?  Just as a good rule no one should trust AP that are like "Free Wifi" "Free Internet", etc.   It is sad but a rogue ap is getting cheaper and cheaper.

My modem in a rural area. I may be often the only person within many miles using internet. I already know my connection is not trustable.

Regarding web browsers, yes those screenshots are the same. The first image post did not show up so I copied it twice from two sites but the same issue has been on a few browsers both on android and Windows but AFAIK only at Cryptsy.

[notlist3d]

sha1 fingerprint for cryptsy.com cert should be:

Code:

‎50 d2 75 62 0a 0e 98 17 13 bb 6a 00 fa 95 d2 cc 6d 5f 1e 1c

In case of a MITM it would be different.

You could also try to install HTTPS everywhere[1] and enable SSL Observatory[2] in order to let the plugin check whether the SSL cert is valid or not.


[1] https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp
[2] https://www.eff.org/observatory

This would be my biggest worry if you are using wifi not your's and they are stripping ssl out. 

Are you using your own wifi or was this done somewhere elese?  Just as a good rule no one should trust AP that are like "Free Wifi" "Free Internet", etc.   It is sad but a rogue ap is getting cheaper and cheaper.

My modem in a rural area. I may be often the only person within many miles using internet. I already know my connection is not trustable.

Regarding web browsers, yes those screenshots are the same. The first image post did not show up so I copied it twice from two sites but the same issue has been on a few browsers both on android and Windows but AFAIK only at Cryptsy.

Why would it be not trustable if you are living in a rural area miles away from others?   It sounds like a good thing to me.

Also I have no idea if you are or not but even living in a rural area I would encrypt your wifi (don't do WEP or any broken systems).

[Amph]

are you sure you are not infected in some way? you should do a scan with multiple antivirus/anti-rootkit/anti-malware

usually there are insecure link, when this appear, you could have some insecure connection going on

Nothing shows up on antivirus, Comodo, McAfee, have tried others. Even immediately after reinstalling the operating system Malware bytes warns that its anti root kit driver cannot load. There is quite a bit of other evidence of a problem with my internet connection, I am just asking opinions about the risk with Cryptsy specifically. I use an SMS protected email and phone SMS to log into cryptsy but once I logged in and it went straight to the logged in area before I even entered the SMS. I have a screen grab of the message it showed on another device and will upload that when I can. Is it possible Cryptsy's SMS service was down briefly and it bypassed the SMS authentication because of reasons on the Cryptsy side?

try scanning your system with hitman pro. while others may not find anything, hitman pro will if your system contains a virus.

hitmanpro isn't that good lately, in my case is detecting ccminer as a malicious, which ius obviously wrong

malwarebyte is the best, for malware and for virus too

[Kprawn]

What happens if you use the Tor browser? ....or you can boot up with a Linux OS to test if the OS is compromised. {Ubuntu}

I ussually use a Virtual machine - http://en.wikipedia.org/wiki/Virtual_machine to test things, when I run into funny things with my OS.

Hope this was helpfull. 

[notlist3d]

What happens if you use the Tor browser? ....or you can boot up with a Linux OS to test if the OS is compromised. {Ubuntu}

I ussually use a Virtual machine - http://en.wikipedia.org/wiki/Virtual_machine to test things, when I run into funny things with my OS.

Hope this was helpfull. 

Tor is not the greatest as far as security.  You are better off buying a better one if you are going to run though a VPN.  I would go with a professional company.

As far as the virtual machine telling you, chances are not.  You would look for items such as HTTPS being stripped into HTTP version of site.  And web site certificates not being real.

[BillyBobZorton]

Do you use https everywhere? (the plugin called "HTTPS Everywhere").
I think in certain browser it did that, but I use Firefox and it doesn't do it for me.