Forum

Poll

Favourite Spyro the Dragon boss?
View Results
Page 1 of 1
Site Not Secure? [CLOSED]
UB_test_account Red Sparx Gems: 50
#1 Posted: 02:05:29 14/06/2017 | Topic Creator
[User Posted Image]

Had to dig out my laptop for a project I was working on. Forgot how comfy it is to lie back and relax with it - got to browsing the web for post-e3 news. Stopped by here and saw that the site isn't secure - meaning folks can easily get user's log-in details if their connection is compromised (and it likely is - you'll never know). If you're using the same password on this account as other accounts, I highly, highly suggest you change those passwords ASAP (also, don't use the same passwords across multiple accounts. That's asking for trouble).

Logged into my old Test Account because I didn't want to risk logging in with my primary account/password. Figure this might be worth addressing (and something folks should be aware of).

Thanks. -UB
Trix Master 100 Hunter Gems: 5504
#2 Posted: 02:38:39 14/06/2017
Even though this may not be reassuring at all (at least for you). It's pretty much just saying "don't post any private info on the site" aka passwords in such (Which there is a rule set in place for). Also in the settings you can disable multiple logins which can help with whatever issue you have.

Plus is a forum site? Granted hack attacks have existed since the dawn of hackers, but this is a public forum site, is there really anything to gain from hacking a site of a cartoon dragon? Unless you posted you bank account number plus your PIN on your profile or any of your posts (which would really dumb and you kind of should've known better really). Than I really would not worry about someone getting your account. Exactly what are they gonna do when they have your account in specific? Post? That's pretty much all they can do.

It's still the same site just, now you know that it along with other sites (that actually have something that you can lose outside of a posting power) isn't the most secure thing and don't be a dumb and give out your password. That's about all I can say. Idk why you made a post to try freak people out.
---
乇乂ㄒ尺卂 ㄒ卄丨匚匚

Avatar from Empoh
UB_test_account Red Sparx Gems: 50
#3 Posted: 02:50:51 14/06/2017 | Topic Creator
I'm going to be short because you have a history of not really listening to explanations or caring about something once you've made up your mind on it.

This post isn't to try and freak anyone out. At all.

Please read up on HTTPS and why every website everywhere should use it.

https://developers.google.com/...ansit/why-https
https://support.mozilla.org/en...ource=inproduct

Quote:
An attacker can replace the HTTP content on the page you're visiting in order to steal your credentials, take over your account, acquire sensitive data about you, or attempt to install malware on your computer.


On a website that isn't secured by HTTPS, a user can intercept, read, and change every single bit of data between the user and the website. This means when you enter your password to log-in, that other individual can read your password. If you use the same password on multiple site (which you shouldn't do anyway), that individual can log into your other accounts on other websites. The individual would be able to read your PMs. Edit your guestbook. Send PMs from your account. Install malware onto your device (how often do we get someone posting about getting terrible pop-up ads and such?)

HTTPS is nearly standard on every site everywhere and I'm surprised to find out that dS doesn't use it.

With all that said (and resources direct from Google and Mozilla to back it up), please refrain from replying when you don't have the full information to do such. Thanks.
Edited 1 time - Last edited at 02:58:03 14/06/2017 by UB_test_account
Trix Master 100 Hunter Gems: 5504
#4 Posted: 03:23:45 14/06/2017
Judging from what I have read. While I do agree more sites should have a HTTP things going on (such as game sites or art upload sites, you know sites where you can actually lose things on and should be secure in the first place). I am still practically gonna say what I said before since this a forum site and not a site where people can lose a lot of actual things (like out of all the things you decided freak out on the most worthless type of account).

You are practically causing some fear mongering because you figured out a Forum site that is not secure and fearful of being essentially hacked into an account (even though it's been like for years on end). Even though a rule has been set in place about posting private information which includes pms, guestbooks, and so on (All the way at the bottom if you wanted to know). Plus it's pretty much a rule of thumb for everyone to not use the same password for other sites (or even share them). Parents are even teaching their kids this because sometimes the most secure sites with HTTP actually get hacked into and get information as well (not because they were on a insecure site, but because people would know how to actually hack). Not saying HTTP is pointless, just saying it's more secure, but not perfectly secure.

I just don't know why you're bringing it up now, when I believe most people know these simple things and it kind of doesn't really change a thing. Or really why you're using your alt because you kind of got not nothing to lose unless you posted way too much private information via pm, but I thought you would be able to follow that rule at the least.
---
乇乂ㄒ尺卂 ㄒ卄丨匚匚

Avatar from Empoh
UncleBob Emerald Sparx Gems: 4565
#5 Posted: 03:40:17 14/06/2017
Wow. Did you read the OP at all? I literally explained exactly why I am just now bringing it up and why I used the alt to do so. It's like you're not even trying to understand the issue at the simplest, most basic levels.

Like, above, where I quoted from a very reliable source where someone can change the data obtained from an unsecured HTTP connection in order to install Malware onto your device. Meaning it doesn't matter what you use this fan forum for - if you have Malware installed on our device, then EVERYTHING you do on that device is now obtainable to said individual. Every social media outlet out post to, every email you send or read, every credit card you use online, every purchase you make, every bill you pay (for those of us who have bills), and every account you log into are now accessible to an attacker. This isn't just about what you do on dS. This is your entire internet life.

It should be noted, there are several free HTTPS services out there and it takes minimal time and effort to implement.
---
"When you tear out a man's tongue, you are not proving him a liar, you're only telling the world that you fear what he might say."
Trix Master 100 Hunter Gems: 5504
#6 Posted: 03:51:56 14/06/2017
As for the Malware bit which I actually forgot to talk about. If you actually know how to take care of a computer (which should be simple) it's called "Scan your computer and get rid of the viruses".

If you literally don't know what a computer virus scan is then you should not be using the internet. It's that simple. Be careful about sites and scan your computer often. It's just as easy as implementing a HTTP (if not more easy, because you're doing it yourself and not complaining to a admin that rarely pops on).
------------------

I personally don't think you're understanding me either. If you managed to get a malware from a site, than you were being reckless yourself and should've been more careful and take of your computer and what you look up. Like it's not against the law to not have HTTP so I don't really get what you're going at with this argument or thread.
---
乇乂ㄒ尺卂 ㄒ卄丨匚匚

Avatar from Empoh
ThroneOfMalefor Gnorc Gems: 4076
#7 Posted: 04:04:22 14/06/2017
it's a dragon website
you can worry if this were tdbank.com or some ****

bob you are paranoid
trix you are going too hard slow down partner
UncleBob Emerald Sparx Gems: 4565
#8 Posted: 04:10:24 14/06/2017
Trix: do what you want. I don't care. You obviously believe you know plenty about the internet (PS: Malware isn't a virus, a virus scanner alone won't detect Malware, and even a Malware or virus/Malware combo scanner can only detect known Malware. Folks who think that having a virus scanner installed protects them are the same kinds of people who get hit by something like WannaCry (an estimated quarter million victims in the FIRST DAY the Malware was discovered), so you do you, boo.

You are the one who has, once again, turned something into an argument. Perhaps you should come clean with what you're getting at by turning this into an argument. Or don't. Because I simply don't care. Good bye.
---
"When you tear out a man's tongue, you are not proving him a liar, you're only telling the world that you fear what he might say."
Trix Master 100 Hunter Gems: 5504
#9 Posted: 04:22:36 14/06/2017
I guess I am stopping the paranoia then. Bye.
---
乇乂ㄒ尺卂 ㄒ卄丨匚匚

Avatar from Empoh
Page 1 of 1

Please login or register a forum account to post a message.

Username Password Remember Me