The lack of a secure login means that your login (username/password) is in the clear and theoretically (if someone is listening on the network or monitoring your WI-FI) your credentials can be read and someone else can log in as you. So, suppose someone does log in as you.A https-login will be expensive for the site-owner. This function needing other sites more, per example sales-sites or banking-sites. Not this hobby- and fun-site. Ignore easyly the warning!
Excellent analysis. The likelihood and motivation for someone to hijack your identity here is very low.The lack of a secure login means that your login (username/password) is in the clear and theoretically (if someone is listening on the network or monitoring your WI-FI) your credentials can be read and someone else can log in as you. So, suppose someone does log in as you.
(1) They can post in your name.
(2) They can read and modify your profile.
(3) They can IM other people and the recipient will think the messages are from you. They can read your correspondence.
So what can that do? It can give you a bad name on the site, and tick off others, even your friends.
Your profile can be altered to make you look bad.
What else? No credit cards. If your profile is a little dishonest anyway (mine is--my birthday is wrong, my location is general), and I believe most people's are--some don't even give their location or gender, there is little harm done. Are they going to locate every military firing range in the UK to track down Racing Rodent?
It takes some effort and skill to read a login over a network--pluck it out of the formatted "packets" you intercept. If there is malware on your machine that does it, or malware on one of the other machines on your trusted local network, you have a lot more worries than your crux forums credentials being stolen. If the crux forums site itself has malware, things can be stolen anyway, https or no.
If you are donating to the site, someone could up our contribution. That may hurt you but doesn't really help them.
Is there anything else anyone can think of? I assume most people don't have credit card numbers, home addresses, or telephone numbers on this site.
(Of course if anyone pisses off Tree when posing as you, he may come looking for you. But, can he find you through the Seagram's fog using the vague information in your profile? It is, as Holmes would say, probably not "elementary".)
Well, then I take back any birthday wishes I might have posted!If your profile is a little dishonest anyway (mine is--my birthday is wrong,
My concern is not that somebody hijacks my account here or steals my creditcard number (which I won't use here anyway).
My concern is that whatever I transmit from my notebook to this lovely forum is transmitted in an easily readable way. Any hacker with beginner knowledge, or even worse, any technician at my Internet Provide can read what I am writing or downloading here. And that is sensitive in a way.
I cannot ignore that challenge. You leave me no choice but to "out" you, Windar:
View attachment 736727
One MILLION dollars!!!
It's better than "Publish or Perish"I’m at a point in my life that "Publish and be damned!" is a viable option.
Sure, but do you really think they are? Even if it were encrypted, they would know you are posting at CruxForums. There are many things I worry about in life-climate change, wars, cancer, financial crashes, the heartbreak of psoriasis-but that is down the listAny hacker with beginner knowledge, or even worse, any technician at my Internet Provide can read what I am writing or downloading here.
My concern is that whatever I transmit from my notebook to this lovely forum is transmitted in an easily readable way. Any hacker with beginner knowledge, or even worse, any technician at my Internet Provide can read what I am writing or downloading here. And that is sensitive in a way.
If you want online privacy then use a VPN. There are several free ones available. To be honest I think you are worrying about nothing.My concern is not that somebody hijacks my account here or steals my creditcard number (which I won't use here anyway).
My concern is that whatever I transmit from my notebook to this lovely forum is transmitted in an easily readable way. Any hacker with beginner knowledge, or even worse, any technician at my Internet Provide can read what I am writing or downloading here. And that is sensitive in a way.
Hi,
I have a question: Would it be possible to enable secure (HTTPS) connections to this site? Right now, everything done on this site (logging in with password, uploading and receiving pictures and stories) is insecure.
Thanks
MoN