Bay 12 Games Forum

Please login or register.

Login with username, password and session length
Advanced search  
Pages: 1 2 3 [4]

Author Topic: Update ALL THE THINGS. [WPA2 Vulnerability] [Infosec Thread]  (Read 5091 times)

milo christiansen

  • Bay Watcher
  • Something generic here
    • View Profile

Oh no, now there is a chance that people can snoop my unencrypted (eg, not HTTPS) wireless traffic before it reaches the internet proper. What a disaster. /s

Honestly, why is anyone in the least bit worried about this? If your traffic isn't already encrypted, then any server your traffic is routed through could listen in, WPA2 or no. The only real worry I can think of is wireless intranets and such. Use HTTPS or a VPN, preferably both.

(Speaking of HTTPS, someone should point Toady at Let's Encrypt...)
Logged
Rubble 8 - The most powerful modding suite in existence!
After all, coke is for furnaces, not for snorting.
You're not true dwarven royalty unless you own the complete 'Signature Collection' baby-bone bedroom set from NOKEAS

nenjin

  • Bay Watcher
  • Inscrubtable Exhortations of the Soul
    • View Profile

Yeah, I'd really appreciate if the forums ran off of HTTPS. If for nothing else than I'm tired of Firefox warning the connection is insecure every time I try to log in.
Logged
Cautivo del Milagro seamos, Penitente.
Quote from: Viktor Frankl
When we are no longer able to change a situation, we are challenged to change ourselves.
Quote from: Sindain
Its kinda silly to complain that a friendly NPC isn't a well designed boss fight.
Quote from: Eric Blank
How will I cheese now assholes?
Quote from: MrRoboto75
Always spaghetti, never forghetti

MoonyTheHuman

  • Bay Watcher
  • I think the DEC VAX hates me.
    • View Profile
    • hellomouse

TOADY ONE, WE SUMMON THEE. GET  HTTPS CERT AND USE IT PLEASE.

Tiruin

  • Bay Watcher
  • Life is too short for worries
    • View Profile

Yeah, I'd really appreciate if the forums ran off of HTTPS. If for nothing else than I'm tired of Firefox warning the connection is insecure every time I try to log in.
I recall requests can either be PM'd to Toady One, or...one could invariably use the 'report' feature, although that would be a polar opposite of its intended use. :P
Better to just PM him :) And I agree. Everytime I logged in at public PC areas, I'd get that 'connection insecure' mention too.
Logged

da_nang

  • Bay Watcher
  • Argonian Overlord
    • View Profile
Logged
"Deliver yesterday, code today, think tomorrow."
Ceterum censeo Unionem Europaeam esse delendam.
Future supplanter of humanity.

nenjin

  • Bay Watcher
  • Inscrubtable Exhortations of the Soul
    • View Profile
Re: Update ALL THE THINGS. [WPA2 Vulnerability] [Infosec Thread]
« Reply #50 on: October 25, 2017, 05:30:56 pm »

From the Toad:

Quote
Quote from: nenjin on Today at 08:03:05 am

    The last few years browsers have started more aggressively notifying you when the connection is insecure.

    I spend a lot of time on these forums and I know others do as well. Is there anyway we could get the forum running on HTTPS? I think it'd make a lot of us feel safer browsing on the forums.

    Thanks!


Yeah, we've been looking at that, but it's a mess.  Once the next release is up and stabilized, we might take some time with it, since it'll be a long process -- we also have to upgrade other aspects of the server to get the next SMF patch to work.

According to people that have looked at what's being sent back and forth, I'd recommend making sure you don't use your username/password combination elsewhere if you are using the forum on coffee shop wifi or something.
Logged
Cautivo del Milagro seamos, Penitente.
Quote from: Viktor Frankl
When we are no longer able to change a situation, we are challenged to change ourselves.
Quote from: Sindain
Its kinda silly to complain that a friendly NPC isn't a well designed boss fight.
Quote from: Eric Blank
How will I cheese now assholes?
Quote from: MrRoboto75
Always spaghetti, never forghetti

milo christiansen

  • Bay Watcher
  • Something generic here
    • View Profile
Re: Update ALL THE THINGS. [WPA2 Vulnerability] [Infosec Thread]
« Reply #51 on: October 25, 2017, 07:14:51 pm »

There is hope on the horizon!
Logged
Rubble 8 - The most powerful modding suite in existence!
After all, coke is for furnaces, not for snorting.
You're not true dwarven royalty unless you own the complete 'Signature Collection' baby-bone bedroom set from NOKEAS
Pages: 1 2 3 [4]