Is our site safe?

Please use this forum to ask our resident IT geeks advice.
User avatar
Flatline
Posts: 3265
Joined: Sat Jul 11, 2009 10:30 am
Location: Leeds

Is our site safe?

Post by Flatline » Fri Nov 04, 2016 7:41 pm

Here's an article about what google intends to do about unsafe websites

https://www.wired.com/2016/11/googles-c ... ity-model/

I don't get a green lock and https in the address bar which signifies a level of security

Are we affected by this?

User avatar
Wicky
Posts: 7120
Joined: Sat Feb 11, 2006 2:43 pm
Location: Colchester Essex
Contact:

Re: Is our site safe?

Post by Wicky » Fri Nov 04, 2016 8:14 pm

https is being more widely used for enahanced security - It crops up when using eBay / paypal / banking websites.

All the websites I work on are now https due to hosting provider making it so not just the shopping carts ones which had to be previously specially upgraded - So yes this forum as it includes a login should really now upgrade to it - as it is as easy as a click of a button and generally free for the site owner I can't see any reason not to.
It may be that your whole purpose in life is simply to serve as a warning to others.

User avatar
KermitLeFrog
Posts: 1175
Joined: Sat Apr 11, 2015 5:44 pm
Location: Hexham

Re: Is our site safe?

Post by KermitLeFrog » Fri Nov 04, 2016 9:38 pm

This site is a rarity. It has no obvious income. No adverts.

What it does have is costs. Hosting costs money and there is the time and effort involved in keeping it going. I wonder who pays for all of this?

Adding the security certificates and adjusting the software will cost more time and money. Now may be the time for the members to help out. If some people chip in a few bob, whatever amount anyone wants, then it may be reasonable to ask if we can have the site upgraded.

Thoughts everyone?
"I spent a lot of money on booze, birds and fast cars. The rest I squandered" (George Best, RIP)

User avatar
Wicky
Posts: 7120
Joined: Sat Feb 11, 2006 2:43 pm
Location: Colchester Essex
Contact:

Re: Is our site safe?

Post by Wicky » Fri Nov 04, 2016 9:54 pm

Adding the security certificates and adjusting the software will cost more time and money.
It's a free upgrade or can be, depending on the web hosts

https://bigwetfish.hosting/free-comodo- ... tificates/
“The days of paying for SSL Security Certificates are coming to an end. From today we’ll be rolling out free Domain Validated Comodo SSL Certificates across our shared web hosting platforms in the UK and USA. Domain Validated SSLs from this point on will be free for all clients. The only reason you should pay for an SSL product is if you need additional support in implementing the SSL or if you need a specialist SSL such as an EV SSL or a Wildcard SSL. It’s exciting times in the hosting industry and we’re pleased to be playing even a small part to make the internet a more secure and encrypted place.”

Stephen Kinkaid – Big Wet Fish Hosting
Cost if you need someone to press the buttons approx £20
It may be that your whole purpose in life is simply to serve as a warning to others.

User avatar
KermitLeFrog
Posts: 1175
Joined: Sat Apr 11, 2015 5:44 pm
Location: Hexham

Re: Is our site safe?

Post by KermitLeFrog » Fri Nov 04, 2016 10:07 pm

Wicky wrote:Cost if you need someone to press the buttons approx £20
At those prices I might send some work your way!

But, my point still stands. I for one would hate to lose this site. Not only the contact with the people but the huge reservoir of knowledge. I've seen it happen and it's a very sad thing.
"I spent a lot of money on booze, birds and fast cars. The rest I squandered" (George Best, RIP)

User avatar
VTRDark
Posts: 19846
Joined: Sun Mar 18, 2012 9:24 pm

Re: Is our site safe?

Post by VTRDark » Fri Nov 04, 2016 11:50 pm

It can be got for free.
https://letsencrypt.org/

There are varying levels of security and certificates vary. Banking system obviously have a lot stronger systems in place but there is no harm in using another layer of security. It helps prevent middle man attack / snooping or even replacement of content between A and B. But it's like a game of cops and robbers. https is an additional barrier like adding a chain to you front door so you can open the door and still communicate but it can still be broken.

http://arstechnica.com/security/2016/07 ... and-linux/

It's prevention, there is never any guarantees just like with car/bike alarms. Anyone that logs into a public network like a hotspot, Starbucks, the local pub or wherever needs their head testing if they don't go through a VPN in this day and age, especially if they are doing anything that requires the use of any personal details including banking, site logins etc. But hey..we have worse things to worry about these days when folk are using mobile phones (apple pay) and wireless payment systems. :roll:

What would be better is if we were a closed forum so only registered users can see the content and search engine bots should not be allowed access. I wonder how many of our employers spy on what we get up to in our personal life's and what they think of some of our views and opinions. Or worse the tax man or insurance companies in the same way they use other social networking sites. Maybe we could reduce our bike insurance premiums :wink: Roasty's avatar should raise his premiums somewhat :lol: Oh and don't post any pictures of your bikes unless you have declared all them mods :roll:

http://www.telegraph.co.uk/finance/pers ... -10pc.html

ANALYSIS-OF-INSURANCE-UNDERWRITING-USING-SOCIAL-MEDIA-NETWORKING-DATA.pdf

That article you posted flatty is laughable. Google Chrome is like the new Internet Explorer and Google are some of the biggest spies going. They are just as malicious with what they do with your data and they have a back door in with that browser. Jeez google even get permission to have root access built right into you operating systems.

http://www.netsq.com/Documents_html/MakingOfGoogleAPT/
==============================Enter the Darkside

User avatar
Wicky
Posts: 7120
Joined: Sat Feb 11, 2006 2:43 pm
Location: Colchester Essex
Contact:

Re: Is our site safe?

Post by Wicky » Fri Nov 04, 2016 11:50 pm

At those prices I might send some work your way!
It'll need some groundwork done first

It'd need a dedicated IP address (£10 per annum) for SSL to work - currently the website is on a shared server in Denmark with a shed load of other sites.

Whoever runs and pays for the site is a mystery - the domain registrant 'lives' in Aberdeen and has been renewing it year-in-year-out since 2001 with a Danish company.

I agree it's an institution in many ways :-) Hopefully here for a longtime with the accumulated contributions of knowledge and debauchery. If ever they need to ask for any contributions to keep the site up and running I'm sure they'd be many offers of assistance.

Hopefully they've ensured somebody holds a spare set of 'keys' of the site - as it can be problem if the registrant isn't in a postion to renew, and it becomes an issue proving to the hosts who legitimately 'inherits' the site and can access it to keep it running without neccesary logins.
It may be that your whole purpose in life is simply to serve as a warning to others.

User avatar
firestorm_al
Site Admin
Posts: 693
Joined: Mon May 20, 2002 8:56 am
Location: Aberdeen (Scotland - UK)
Contact:

Re: Is our site safe?

Post by firestorm_al » Mon Nov 07, 2016 6:55 am

https access to the site should be up and running now. (I thought I had set it up over a year a go but forgot to click on a check box).

Al.

User avatar
Wicky
Posts: 7120
Joined: Sat Feb 11, 2006 2:43 pm
Location: Colchester Essex
Contact:

Re: Is our site safe?

Post by Wicky » Mon Nov 07, 2016 7:33 am

It may be that your whole purpose in life is simply to serve as a warning to others.

User avatar
Flatline
Posts: 3265
Joined: Sat Jul 11, 2009 10:30 am
Location: Leeds

Re: Is our site safe?

Post by Flatline » Tue Nov 08, 2016 9:05 pm

firestorm_al wrote:https access to the site should be up and running now. (I thought I had set it up over a year a go but forgot to click on a check box).

Al.
That's very kind of you

User avatar
Flatline
Posts: 3265
Joined: Sat Jul 11, 2009 10:30 am
Location: Leeds

Re: Is our site safe?

Post by Flatline » Tue Nov 08, 2016 9:12 pm

cybercarl wrote:

That article you posted flatty is laughable. Google Chrome is like the new Internet Explorer and Google are some of the biggest spies going. They are just as malicious with what they do with your data and they have a back door in with that browser. Jeez google even get permission to have root access built right into you operating systems.

http://www.netsq.com/Documents_html/MakingOfGoogleAPT/
I had a quick look at the article, and I mean quick

Whilst it goes into great detail about what they did, I could not work out what to do about it

Should I be using another browser?

I have explorer and edge and google

User avatar
VTRDark
Posts: 19846
Joined: Sun Mar 18, 2012 9:24 pm

Re: Is our site safe?

Post by VTRDark » Wed Nov 09, 2016 12:57 am

In all honesty do what you like. Most folk go through things none of the wiser and follow what is promoted by those wanting to make money out of us lessor mortals. It's only when things go tits up that people start to wonder why. :lol: My advice would be to use Firefox, Opera or even Safari and Safari is pretty sh1t even though it's made by Apple but then Apple are sh1t these days. They don't think diffrent anymore. Apple make gadgets these days. You watch...they will release the Apple Pippin car next with Core technology and it will most likely go down the same road as the Apple Pippin :roll:

The biggest problem here is that everything has it's risks, some more than others and one has to understand and know how to use, customise, and adapt the technology for their needs and their own security. Never use anything as it comes out of the box so to speak, especially in the mass consumer market. What folk have to understand is that none of these companies have our benefit and best wishes in mind. Market a product, make money, deprecate a product so is obsolete and market a new one, make more money and the cycle continues. Unfortunately the digital technology industry are the biggest crooks going and take advantage of those that don't understand. I believe they even purposely overcomplicate the technology so folk don't understand which makes it easier for them to market and pull the wool over our eyes.

The other problem is that if one does learn and use the technology there eventually comes a stage where ones eyes are truly open to the abuse that the technology is bringing us so one starts to hate something that they once loved so much and ends up wanting a divorce but keeps getting haunted. Humanity is wombles if things keep going the way it's going. It's the children I feel sorry for because they have a sh1t future as machines take over and governments and companies monitor, spy and control even more so. Yes some may say this is for our good but wherever there is good there is evil. If they can do it, then criminals can do it too. Think 1984 or even Terminator as the machines take over. The human race may even be cyborgs by then. They are already planning microchip implants which obviously will be marketed as convenience items to begin with.

I would never open a bank account with a Supermarket but many have and look what's happened with Tescos. :crazy:
http://arstechnica.com/security/2016/11 ... -accounts/
==============================Enter the Darkside

User avatar
Wicky
Posts: 7120
Joined: Sat Feb 11, 2006 2:43 pm
Location: Colchester Essex
Contact:

Re: Is our site safe?

Post by Wicky » Wed Nov 09, 2016 6:37 am

If you have a PC I wouldn't bother with Safari browser as it was discontinued for Windows in 2013.

The Google feature reading through it - seeems to allow it to auto-update itself so security updates are installed in a timely manner.

How to prevent (STOP) Chrome to Auto-Update.
Open Google Chrome and at the “URL Address Bar”, type: chrome//plugins & press “Enter”.
In the listed plugins, find the plugin named “Google Update” and press the “Disable” option under it.
Finally restart your Chrome browser for changes to take effect.

But if you choose to switch of auto-updater rememember to manually chack and install updates often so you don't leave yourself vulnerable.
It may be that your whole purpose in life is simply to serve as a warning to others.

User avatar
sirch345
Site Admin
Posts: 17041
Joined: Mon Aug 25, 2003 9:35 pm
Location: Cornwall, UK

Re: Is our site safe?

Post by sirch345 » Wed Nov 09, 2016 10:17 pm

A good read this, well done guy's :thumbup:

Flatty, I use Firefox and Opera browsers most of the time, just a bit of reassurance from me reflecting in Carl's suggestion for an alternative browser,

Chris.
A closed mouth gathers no foot. :thumbup:

User avatar
VTRDark
Posts: 19846
Joined: Sun Mar 18, 2012 9:24 pm

Re: Is our site safe?

Post by VTRDark » Thu Nov 10, 2016 3:07 pm

Off topic but.....

This is our future.
https://www.theguardian.com/world/video ... deo-report

Next we will have mobile phone or tablet devices implanted into us with a built in flexible screen implant under the skin. We only need a port implanted then so we can plug ourselves in and recharge. Maybe it will be sold to us under extreme body modifications as that becomes as fashionable as tattoo's. There's another good reason for extreme body modifications and that is that it breaks us free from facial recognition software. Maybe I will get some implants to make me look like a Klingon. All one needs to do is break up the triangular area around the eyes, nose and mouth Then how about buying some stealth clothing. It's no wonder they want to ban burka's and hoodies get a bad rep.

https://ahprojects.com/projects/stealth-wear/

A friend of mine has updated his operating system to Mac OSX Sierra and since then his older Graphire4 Wacom graphics tablet is no longer working and there are no drivers available so having to rely on third party support. The same story that has happened with many printers over the years. The tablet still works from an electronic / mechanical view and there is nothing wrong with it accept he can't get it to talk to the later system because of software. He will eventually be forced to dispose of it and purchase a later tablet. So much for being eco friendly as it will either end up as a giant coaster or on a landfill all in the name of these big companies making more money otherwise they would make stuff so it's backwards compatible.

The corporate world is not a good one. We really should try and support local independent businesses wherever possible and wherever they still hold on by a thread.
==============================Enter the Darkside

Post Reply