Jump to content

Adding SSL to this site to prevent ISP and others from tracking you. There are free options


j28791

Recommended Posts

I think it would be great is SSL could be added to the site. Especially with the environment we have around guns these days plus all the government spying that goes on.

Agreed and just in general, not because of govt spying. Its been mentioned before with some of the techy types offering to help and/or pay for the certificates.

 

Perhaps (hopefully) it will be part of the board upgrade that is being tested but IMO the time to be messing with the board would not be until we get past this spring legislative session.

 

A significant upgrade certainly requires lots of planning from potential data conversions to backout plans, convert/load/restore times, etc.

Link to comment
Share on other sites

 

I think it would be great is SSL could be added to the site. Especially with the environment we have around guns these days plus all the government spying that goes on.

Agreed and just in general, not because of govt spying. Its been mentioned before with some of the techy types offering to help and/or pay for the certificates.

 

Perhaps (hopefuly) it will be part of the board upgrade that is being tested but IMO the time to be messing with the board would not be until we get past this spring legislative session.

 

A significant upgrade certainly requires lots of planning from potential data conversions to backout plans, convert/load/restore times, etc.

 

Agreed sir!

Link to comment
Share on other sites

 

I think it would be great is SSL could be added to the site. Especially with the environment we have around guns these days plus all the government spying that goes on.

Agreed and just in general, not because of govt spying. Its been mentioned before with some of the techy types offering to help and/or pay for the certificates.

Perhaps (hopefuly) it will be part of the board upgrade that is being tested but IMO the time to be messing with the board would not be until we get past this spring legislative session.

A significant upgrade certainly requires lots of planning from potential data conversions to backout plans, convert/load/restore times, etc.

An SSL won't help with government spying, you're on a public forum where anyone can register. It's just a good security practice to prevent hijacking by malicious link farms and Spyware installers.

 

Typically someone could man in the middle an admin password and spam the place up. This could be from a hacked home router, or other methods. SSL will encrypt traffic, but without SSL you can use a packet capture program that shows everything you're typing. Anyone that's even slightly interested by this stuff should grab a copy of Wireshark.

 

I can name a million other ways the government can and is spying on you that you cannot do anything about.

Link to comment
Share on other sites

I think it would be great is SSL could be added to the site. Especially with the environment we have around guns these days plus all the government spying that goes on.

As pointed out above, this is a public forum. There's no hidden information. The only thing SSL would do is keep your Internet service provider from stealing your password. I doubt AT&T or Comcast really care.

Link to comment
Share on other sites

 

I think it would be great is SSL could be added to the site. Especially with the environment we have around guns these days plus all the government spying that goes on.

As pointed out above, this is a public forum. There's no hidden information. The only thing SSL would do is keep your Internet service provider from stealing your password. I doubt AT&T or Comcast really care.
Not just the service provider but if I have to use the free wireless at the hospital or car dealership to connect, I'd much rather not have my ID and pwd exposed to anyone else on the network system snooping traffic.
Link to comment
Share on other sites

I would also strongly emphasize if you use the same password for this site for anything more important to immediately change that password elsewhere.

 

Like I said before, there are some pretty easy ways to grab passwords off non SSL logins. Public Hotspots being the easiest, especially since phones often times automatically connect to them. Malicious people look for this because they know people often use the same passwords for other more secure stuff.

 

Not just the service provider but if I have to use the free wireless at the hospital or car dealership to connect, I'd much rather not have my ID and pwd exposed to anyone else on the network system snooping traffic.

Most commercial wifi equipment has packet capture built right in so all it takes is a bored IT guy to see exactly what you're browsing on a non SSL site.
Link to comment
Share on other sites

I would also strongly emphasize if you use the same password for this site for anything more important to immediately change that password elsewhere.

Like I said before, there are some pretty easy ways to grab passwords off non SSL logins. Public Hotspots being the easiest, especially since phones often times automatically connect to them. Malicious people look for this because they know people often use the same passwords for other more secure stuff.

Not just the service provider but if I have to use the free wireless at the hospital or car dealership to connect, I'd much rather not have my ID and pwd exposed to anyone else on the network system snooping traffic.

Most commercial wifi equipment has packet capture built right in so all it takes is a bored IT guy to see exactly what you're browsing on a non SSL site.
Sure. It isnt the bored IT guy that concerns me as much as the guy (or gal) sitting on the other side of the hospital waiting room. But I think we are in agreement that SSL is a best practice and hopefully we will see it in the future board versions.
Link to comment
Share on other sites

 

 

I think it would be great is SSL could be added to the site. Especially with the environment we have around guns these days plus all the government spying that goes on.

As pointed out above, this is a public forum. There's no hidden information. The only thing SSL would do is keep your Internet service provider from stealing your password. I doubt AT&T or Comcast really care.
Not just the service provider but if I have to use the free wireless at the hospital or car dealership to connect, I'd much rather not have my ID and pwd exposed to anyone else on the network system snooping traffic.

 

 

Subscribe to a VPN service or install an endpoint on your home router. All your traffic will be encrypted back to the end point and you'll have less to worry about on public access networks.

Link to comment
Share on other sites

 

I think it would be great is SSL could be added to the site. Especially with the environment we have around guns these days plus all the government spying that goes on.

Agreed and just in general, not because of govt spying. Its been mentioned before with some of the techy types offering to help and/or pay for the certificates.

 

Perhaps (hopefully) it will be part of the board upgrade that is being tested but IMO the time to be messing with the board would not be until we get past this spring legislative session.

 

A significant upgrade certainly requires lots of planning from potential data conversions to backout plans, convert/load/restore times, etc.

 

 

They actually offer some for free and I bet there are web developer people on this forum that can help site admins set up the SSL

Link to comment
Share on other sites

I have been using "LetsEncrypt" for the last 2 years on about 8 websites - it works great and it is free and (depending on the operating system) easy to set up. Very few requirements except that the site is both IPv4 and IPv6 compatible.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...