Bitcoin Forum
December 04, 2016, 08:25:57 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: No HTTPS  (Read 1238 times)
btcparanoid
Newbie
*
Offline Offline

Activity: 2


View Profile
May 17, 2011, 09:02:36 PM
 #1

HTTPS is broken. This coupled with reports of irregular IP addresses makes me wonder if somebody may be currently intercepting login credentials for this site.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480883157
Hero Member
*
Offline Offline

Posts: 1480883157

View Profile Personal Message (Offline)

Ignore
1480883157
Reply with quote  #2

1480883157
Report to moderator
1480883157
Hero Member
*
Offline Offline

Posts: 1480883157

View Profile Personal Message (Offline)

Ignore
1480883157
Reply with quote  #2

1480883157
Report to moderator
kseistrup
Hero Member
*****
Offline Offline

Activity: 565


Unselfish actions pay back better


View Profile WWW
May 17, 2011, 09:08:52 PM
 #2


HTTPS is broken. This coupled with reports of irregular IP addresses makes me wonder if somebody may be currently intercepting login credentials for this site.

+1

Klaus Alexander Seistrup
http://about.me/kseistrup
Basiley
Jr. Member
*
Offline Offline

Activity: 42


View Profile
May 20, 2011, 07:47:41 AM
 #3

HTTPS is broken. This coupled with reports of irregular IP addresses makes me wonder if somebody may be currently intercepting login credentials for this site.
same issues and same concern.
can anyone[preferably forum admin]post authentic IP-adress ? there and somewhere tamper-proof[I2P ?]
SmokeTooMuch
Legendary
*
Offline Offline

Activity: 873


View Profile
May 20, 2011, 03:52:56 PM
 #4

yep, https isn't working on the main site anymore, but it still works on forum.bitcoin.org

Date Registered: 2009-12-10 | I'm using GPG, pm me for my public key. | Bitcoin on Reddit: https://www.reddit.com/r/btc
You like what I'm doing? Why don't you send me a coin: 17Pj8jpUgY6qTaKgiopL5U48zxU4rTrkuB
sirius
Bitcoiner
Staff
Sr. Member
****
Offline Offline

Activity: 429



View Profile
May 22, 2011, 02:45:52 PM
 #5

We have a StartSSL certificate now.

Identifi - Decentralized address book with trust ratings
I'm not a forum admin - please contact theymos instead.
sirius
Bitcoiner
Staff
Sr. Member
****
Offline Offline

Activity: 429



View Profile
May 22, 2011, 02:57:42 PM
 #6

Bitcoin.org is on sf.net and they don't support https.

Identifi - Decentralized address book with trust ratings
I'm not a forum admin - please contact theymos instead.
da2ce7
Legendary
*
Offline Offline

Activity: 1218


Live and Let Live


View Profile
May 22, 2011, 05:14:51 PM
 #7

updated https everywhere rule-set that redirects the old https forum links: http://www.bitcoinservice.co.uk/files/875

One off NP-Hard.
phillipsjk
Legendary
*
Offline Offline

Activity: 1008

Let the chips fall where they may.


View Profile WWW
June 12, 2011, 05:16:14 PM
 #8

Good to know. (I found this thread by actually using the "search" function)

HTTPS provides authentication (through the use of certificates) as well as encryption. Of course, if you don't trust organizations like VeriSign, you need and out-of-band method for communicating the public key.

Since the forums seem to support HTTPS, the link from http://bitcoin.org (http://bitcointalk.org/
) should be changed to use HTTPS by default. Until about 2 months ago, I did not understand the need for ubiquitous encryption; even of publicly available information. Then I read this:
Quote
Advertising-UNISERVE shall have the right, without notice, to insert advertising data into the Internet browser used by a UNSERVE customer, and transferred to a UNISERVE customer over UNISERVE’s network, so long as this does not involve UNISERVE transmitting any personal information of the customer to whom such data is sent in contravention of the UNISERVE Privacy Commitment;
- Section 27e, My ISP's Updated Terms of service.

PS: I don't use HTTPS everywhere because I leave Scripting disabled most the time.
PPS: I know my website does not support encryption. My webshost wants $200/year for a certificate.

James' OpenPGP public key fingerprint: EB14 9E5B F80C 1F2D 3EBE  0A2F B3DE 81FF 7B9D 5160
wumpus
Hero Member
*****
Offline Offline

Activity: 798

No Maps for These Territories


View Profile
June 13, 2011, 01:59:02 PM
 #9

Since the forums seem to support HTTPS, the link from http://bitcoin.org (http://bitcointalk.org/
) should be changed to use HTTPS by default.
+1

The reason that the link is still http is afaik because we used to have a self-signed certificate. This is fixed now, however.

Forum should be HTTPS by default. Preferably, HTTP should be disabled completely, and cookies should be set to secure (SSL-only).

Bitcoin Core developer [PGP] Warning: For most, coin loss is a larger risk than coin theft. A disk can die any time. Regularly back up your wallet through FileBackup Wallet to an external storage or the (encrypted!) cloud. Use a separate offline wallet for storing larger amounts.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!