New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
protect from what ???
Ha! I see a "Thanks"-Button before that happens!
well as of current all traffic is sent in plain text meaning I can theoretically steal your password and take over your account.
I will keep out of this discussion. Unless @Taz is here!
Or do what yahoo does and sha1 the password with JavaScript before it is sent over http:
How many people are paying with credit card for access to LET? HTTPS is a waste of time for a forum.
Yes, you can steal it if you can reach one of the hops between me and let... not gonna happen, lol
I want a spam protection before that and community ban system - ban people by voting them ban for 1 day and if a lot of people press same, you get banned for 1 day.
Is there an issue with using a cheap one?
@Mun, You should really understand how internet works.
Ironic....
....facepalm, what don't I understand now ohhh wise one.
If a hacker had root access to the LET server, they would disable HTTPS instead of taking encrypted packets.
@Mun, brother no offence. This is a forum. It really does not needs too much security unless a lot of incidence of such gruesome act happens. Focus on what @yomero says - You can steal password if you reach a hop between the client user and lowendtalk, that will only happen if we are being routed by one of your servers that is not the case or if you are on same LAN as ours and you use a MITM / ARP Poisoning attack, again which is not the case. Most of the users on LET surfing from their private computers makes it a bit less probable scenario.
HTTPS is typically used as a transport security layer, not a server security layer. The hops inbetween is what HTTPS is for - both at the carrier level, and on the machine of the user.
Especially when signup is free and you can troll, derail and post non sense stuff as much as you can and no body does justice.
Rather than just stealing the DB? wut
So what if it is a forum?
Alliedmodders is a forum, and they have ssl. They don't have cash exchanges, they just know it is a better thing to do when you have a large community where a bunch of things go on.
@Mun, leave you do not get it. Just do not feel fantasy for implementing any technology anwhere ! It becomes like mongoDb is better than MySQL scenario. Consider the pros and cons as well. Also consider how neccessary it is to implement it. I would love to have you write a common "Thank You" plugin for vanilla and ask @Liam to use it on LET.
The thank you button has already been written and given to @chief, he just doesn't install it.
@Mun, Than you can make a website, like LowEndTalkThankYou.com and build a ranking list all over there, let people signup there, verify from pm here, and let them thankyou each other, use Ajax charts and Node to build beautiful statistics out of it.
Indeed I could. But I don't really see the point. The Thank you button was meant for comment level, and not for the person all around.
@Mun, That could be point for a hot discussion, Raise a thread and lets see how does the LET reacts to idea of ranking, It may lead to a rush to be a more productive and disciplined community rather than Troll Mass Generator.
There you go.
All that's needed is SSL at login. This will keep you safe enough on public networks.
Lets be honest here, even if we needed it, a Mr Somebody would never do it due to his "busy" schedule
Alliedmodders jumped off a bridge, are you going to do the same also?
No, but the last time I checked SSL isn't committing suicide, killling someone, or involving of death.
You sound quite the expert on SSL, tell us more why you think snake oil should be applied on the forum
It leaves a gleaming green glow in the upper left hand of your browser