Hector
Well-Known Member
- Joined
- Jul 19, 2015
- Messages
- 797
- Reaction score
- 481
Why no SSL certificate ?
- Thread starter Hector
- Start date
Hector
Well-Known Member
- Joined
- Jul 19, 2015
- Messages
- 797
- Reaction score
- 481
That's not actually true. You may want to read this:
https://serverguy.com/security/google-forcing-ssl-certificate-websites/
https://fourdots.com/blog/why-you-need-ssl-to-rank-better-in-2016-and-how-to-set-it-2169
In any case, it's not like certificates are expensive these days, you can get a yearly one for around USD 20.
https://serverguy.com/security/google-forcing-ssl-certificate-websites/
https://fourdots.com/blog/why-you-need-ssl-to-rank-better-in-2016-and-how-to-set-it-2169
In any case, it's not like certificates are expensive these days, you can get a yearly one for around USD 20.
Last edited:
I actually have no clue and would have to ask the admin as he does know what's going on and why!
AngelDeVille
Well-Known Member
- Joined
- Mar 30, 2017
- Messages
- 1,470
- Reaction score
- 1,823
We don't need no stinkin SSL certificates..
jjudas
Well-Known Member
Norlin SG
Well-Known Member
- Joined
- Oct 20, 2012
- Messages
- 641
- Reaction score
- 421
Because of all the online buying people do on ETSG maybe? Lets do the math. In the last 5 years I have purchased $zero on the ETSG website and store zero personal info on the ETSG website.
Just guessing, but I would imagine that the 10,000 or so members here pretty much have the same history.
PSA: One of the best things you can do for security is never store passwords or user names on your computer for logging into any site you might have an account on that you don't want compromised and never log into a site that you don't want hacked if you are even visiting an unsecured site such as this most lovely site.
Last edited:
Hector
Well-Known Member
- Joined
- Jul 19, 2015
- Messages
- 797
- Reaction score
- 481
Google and Facebook essentially own the internet (influencing nearly 3/4 of all traffic).
Google wants the internet "secured" using https. So they have set a rule saying that they will be showing search results for https secured sites first (and eventually only).
That means if this forum doesn't play by Google's rules, then it will be seriously handicapped in terms of placement in search results.
That begs the question: How many of the members joined here as a result of having used Google to search about SGs ? It would be interesting to see the statistics.
So, if you put two and two together, not having the https = a dying forum.
But hey, if you don't care, then simply ignore my question and say no thanks, it's no skin off my back.
Google wants the internet "secured" using https. So they have set a rule saying that they will be showing search results for https secured sites first (and eventually only).
That means if this forum doesn't play by Google's rules, then it will be seriously handicapped in terms of placement in search results.
That begs the question: How many of the members joined here as a result of having used Google to search about SGs ? It would be interesting to see the statistics.
So, if you put two and two together, not having the https = a dying forum.
But hey, if you don't care, then simply ignore my question and say no thanks, it's no skin off my back.
eS.G.
Well-Known Member
YOur concern for everyone's searchability is interesting Hector........very, interesting.
Relic61
Well-Known Member
And if I'm correct Hector, this is partly or mostly due to the US FCC not voting for net neutrality or in reality, repealing the Net Neutrality policy in the US. Now instead of policy (in the US) saying all sites must be treated equally (as in search results & bandwidth access for traffic flow) we have given control of such things back over to the established big players of the internet realm to set the rules & conduct of how the internet business game is going to be played. In other words, big money has won the day & now controls the internet playing field.
While I'm a capitalist at heart I also believe in fairness & making sure the rich, powerful & strongly established don't monopolize their control & interfere, prevent or just make it harder or near impossible for the little guys, start-ups & special interests to get the same access & treatment.
So as Hector rightly points out, if we here at ETSG aren't playing the new internet game by the new rules being established by the big dogs, we are opening ourselves & this forum up to the potential dangers & consequences.
The times they are a changing fellas.
While I'm a capitalist at heart I also believe in fairness & making sure the rich, powerful & strongly established don't monopolize their control & interfere, prevent or just make it harder or near impossible for the little guys, start-ups & special interests to get the same access & treatment.
So as Hector rightly points out, if we here at ETSG aren't playing the new internet game by the new rules being established by the big dogs, we are opening ourselves & this forum up to the potential dangers & consequences.
The times they are a changing fellas.
Hector
Well-Known Member
- Joined
- Jul 19, 2015
- Messages
- 797
- Reaction score
- 481
It's purely selfish: I'm only interested in keeping alive those that I like
Forums that is...
Norlin SG
Well-Known Member
- Joined
- Oct 20, 2012
- Messages
- 641
- Reaction score
- 421
I think Microsoft is already doing the SSL thing with their Edge browser. As a plus Edge only allows you to use Bing as a search engine. Oh, and Edge can't be un-installed because it is part of the OS, the same as with that nasty spyware app called Cortana.
With Windows Ten, they gave it away for free because by default windows 10 collects info on you and sends it to a Microsoft account they highly "recommend" people to open. They figured out that they can make more money off of you by spying on you and controlling what is on your computer.
Just one example of Microsoft's scumbag tricks is if you remove the X-Box app from you your computer,
The next forced Windows update (All updates are forced) will re-install it. Apparently, removing Microsoft's money making X-Box app from your computer you bought and paid for with your own money is a serious security violation.
The SLL thing is just the tip of the iceberg for slimy underhanded things that are in store for us.
https://www.theregister.co.uk/2017/04/06/microsoft_windows_10_creators_update/
Thanks Hector for posting. You have touched on something that is just a small part of some slimeball things in store for us as internet users.
With Windows Ten, they gave it away for free because by default windows 10 collects info on you and sends it to a Microsoft account they highly "recommend" people to open. They figured out that they can make more money off of you by spying on you and controlling what is on your computer.
Just one example of Microsoft's scumbag tricks is if you remove the X-Box app from you your computer,
The next forced Windows update (All updates are forced) will re-install it. Apparently, removing Microsoft's money making X-Box app from your computer you bought and paid for with your own money is a serious security violation.
The SLL thing is just the tip of the iceberg for slimy underhanded things that are in store for us.
https://www.theregister.co.uk/2017/04/06/microsoft_windows_10_creators_update/
Thanks Hector for posting. You have touched on something that is just a small part of some slimeball things in store for us as internet users.
Worblehat
Well-Known Member
- Joined
- Mar 14, 2018
- Messages
- 506
- Reaction score
- 420
I hope it does not look presumptuous for a new member like me trying to give some advice. But as an IT guy I can't condone this topic.
HTTPS for websites has been neglected far to long in general. I think it should have been the default long ago for all websites where a user can enter anything. And this is absolutely not related to corporations forcing anything but it is an issue of privacy and security.
You wouldn't write confidential information on a post card and send it to someone, where anyone in between could read and wrongly use this information. Would you? So why is everyone ok with sending unencrypted login credentials over the internet? This is especially relevant today where many people use open public wifis (in hotels etc).
Nowadays it is no big deal to get and install an SSL-certificate for free (see https://letsencrypt.org/). I recently did this for my own server. So I think it would be a very good idea to do this for everythingsg.com, too. I'd provide support if needed to implement this...
HTTPS for websites has been neglected far to long in general. I think it should have been the default long ago for all websites where a user can enter anything. And this is absolutely not related to corporations forcing anything but it is an issue of privacy and security.
You wouldn't write confidential information on a post card and send it to someone, where anyone in between could read and wrongly use this information. Would you? So why is everyone ok with sending unencrypted login credentials over the internet? This is especially relevant today where many people use open public wifis (in hotels etc).
Nowadays it is no big deal to get and install an SSL-certificate for free (see https://letsencrypt.org/). I recently did this for my own server. So I think it would be a very good idea to do this for everythingsg.com, too. I'd provide support if needed to implement this...
Relic61
Well-Known Member
Awfully nice of you! Now for convincing someone that is actually able to bust a move up in here & we good.
(pardon my faux snarky attitude. just trying to sound like a frustrated in the know hipster that's actually up on $#it & can't believe some still aren't. chayah)
AngelDeVille
Well-Known Member
- Joined
- Mar 30, 2017
- Messages
- 1,470
- Reaction score
- 1,823
I honestly have no clue what an ssl certificate is.
I can't say I care to have it explained.
I can't say I care to have it explained.
Hector
Well-Known Member
- Joined
- Jul 19, 2015
- Messages
- 797
- Reaction score
- 481
The "free" certificates are used by every Russian scammer site on the internet. I highly recommend that we get one from an "official" certificate provider rather than a free one.
Worblehat
Well-Known Member
- Joined
- Mar 14, 2018
- Messages
- 506
- Reaction score
- 420
Yes there have been dubious certificate authorities that offered free certificates. But Let's Encrypt is completely different. They developed a procedure to perform actual verification in an automated process. Therefore the certificates can be issued without charge and they are as trusted as any other certificate authority. Just look at their sponsor list...
Relic61
Well-Known Member
Let's be smart & do this right. Harumph! Harumph!
GrumpyOldDBA
Well-Known Member
Yeah its totally bogus not to be using https ... anyone that uses a forum like this that does not have it needs to be careful.
