Account login Security change - Page 2 - Techist - Tech Forum

Go Back   Techist - Tech Forum > Techist Forum Information > Forum Admin, Announcements & Feedback
Click Here to Login
Reply
 
Thread Tools Display Modes
 
Old 01-11-2017, 12:31 AM   #11 (permalink)
The Grinch
 
c0rr0sive's Avatar
 
Join Date: Feb 2005
Location: asdf
Posts: 8,846
Default Re: Account login Security change

*shrugs* then I assume you have never been on a connection where SSL connections actually suffer greatly. I also assume that you don't have budgets that are so strict, (yay for non-profit private schools?) in your work environment that you have to still monitor what users do, but are stuck with open source software to accomplish such things.
__________________

__________________
Personal Machine: ECS B85H3-M | Intel i5 4460 | 16GB DDR3-1333 | eVGA 750Ti | Samsung 830 120GB
Server: ASUS M5A99FX Pro R2.0 | AMD FX8350 | 32GB DDR3-1600 ECC | Intel Quad Gigabit NIC | IBM M5015 RAID Controller | 650w OCZ ZS PSU | eVGA LP 710 | 8x WD RE 4TB
c0rr0sive is offline   Reply With Quote
Old 01-11-2017, 08:27 AM   #12 (permalink)
Private Joker
 
carnageX's Avatar
 
Join Date: Feb 2007
Location: South Dakota
Posts: 24,339
Default Re: Account login Security change

Quote:
Originally Posted by c0rr0sive View Post
*shrugs* then I assume you have never been on a connection where SSL connections actually suffer greatly. I also assume that you don't have budgets that are so strict, (yay for non-profit private schools?) in your work environment that you have to still monitor what users do, but are stuck with open source software to accomplish such things.
You would be correct.

But having to use OSS isn't much an excuse either IMO; there's LetsEncrypt where you can get SSL certs for free: https://letsencrypt.org/
__________________

__________________
Laptop: MSI GT70 2OC-059us | i7-4700MQ | 16GB | GTX 770m | 500GB SSD / 750GB HDD | 17.3" | Win10 Pro
Desktop: 4690k | 12GB g.Skill RipJaws | GTX 970 | 520hx | Z87X-UD4H | Corsair Vengeance C70 | Corsair H110 | Acer 25" | Acer 22" | Win10
Mobile: Samsung Galaxy Note 5


If I help you, or you just like what I said, rep me by clicking the under my post
carnageX is offline   Reply With Quote
Old 01-12-2017, 09:45 PM   #13 (permalink)
Newb Techie
 
Join Date: May 2015
Location: Australia
Posts: 18
Default Re: Account login Security change

Exactly, there is no excuse these days not have a website secured with SSL thanks to Letsencrypt and you don't need a static IP address either because there is SNI aswell. Also SSL is becoming friendly with bandwidth as it doesn't need a lot thanks to developments for companies like Google and is becoming increasingly faster than HTTP.
BK_123 is offline   Reply With Quote
Old 01-14-2017, 08:08 AM   #14 (permalink)
The Grinch
 
c0rr0sive's Avatar
 
Join Date: Feb 2005
Location: asdf
Posts: 8,846
Default Re: Account login Security change

"increasingly faster than HTTP" till you end up on something that isn't a typical transport medium, satellite. lol

In all seriousness though, when you have ~130 users on only a 10Mbps pipe, you will hate SSL as you will be forced to cache website data, and the more SSL there is, the less you can cache. It's why I am against SSL on things that don't actually require it.
__________________
Personal Machine: ECS B85H3-M | Intel i5 4460 | 16GB DDR3-1333 | eVGA 750Ti | Samsung 830 120GB
Server: ASUS M5A99FX Pro R2.0 | AMD FX8350 | 32GB DDR3-1600 ECC | Intel Quad Gigabit NIC | IBM M5015 RAID Controller | 650w OCZ ZS PSU | eVGA LP 710 | 8x WD RE 4TB
c0rr0sive is offline   Reply With Quote
Old 01-14-2017, 11:39 AM   #15 (permalink)
Dazed and confused
 
rulezero's Avatar
 
Join Date: Jan 2015
Location: Earth
Posts: 1,672
Default Re: Account login Security change

SSL all the way...

You must be a good target

Hope you dont keep much confidential info on your Comp..
__________________
Don't like what I say, ban me!
rulezero is offline   Reply With Quote
Old 01-18-2017, 08:27 AM   #16 (permalink)
The Grinch
 
c0rr0sive's Avatar
 
Join Date: Feb 2005
Location: asdf
Posts: 8,846
Default Re: Account login Security change

Quote:
Hope you dont keep much confidential info on your Comp..
Hope you understand SSL just keeps people from peeking into a connection, also lets you know if someone has hijacked a domain, doesn't keep them from breaking into a computer system nor network. That aside, traditional network based blocking doesn't properly work with SSL and blocking malicious adverts or even files that are loaded on a secure website, unless you want to buy a NGFW that does DPI and can decide things on its own.

SSL gives a false sense of security, remember that. This website has only one thing personal, an email address, nothing else. Banking websites on the other hand should be fully encrypted to keep prying eyes out, but that doesn't prevent their server from being compromised. It just keeps prying eyes partially out.

Imagine this scenario, which frequently happens.

1: Popular website that is secured is breached, hacker doesn't change anything about the domain but changes the way an advertisement or script is run to load a malicious script.
2: Network firewall can't see what's being transmitted on a secure connection so it has to allow the connection to tunnel through with out traffic being scanned provided the domain wasn't fully blocked.
3: Q.Q user is now infected with god knows what and it can propagate through out the network because a "secure" website was in fact, not "secure".
4: Can't have full control of a network, because lets face it, someone above you is going tell you that they don't need to be monitored, they are cautious users or need to visit commonly blocked websites *rolls eyes*
5: Your entire network it self is now compromised because of a single script that a well known website loaded.
6: You later find out the script could have been blocked by traditional methods if the website didn't uselessly use SSL, because said website has ZERO user input!
__________________
Personal Machine: ECS B85H3-M | Intel i5 4460 | 16GB DDR3-1333 | eVGA 750Ti | Samsung 830 120GB
Server: ASUS M5A99FX Pro R2.0 | AMD FX8350 | 32GB DDR3-1600 ECC | Intel Quad Gigabit NIC | IBM M5015 RAID Controller | 650w OCZ ZS PSU | eVGA LP 710 | 8x WD RE 4TB
c0rr0sive is offline   Reply With Quote
Old 01-18-2017, 08:29 AM   #17 (permalink)
Private Joker
 
carnageX's Avatar
 
Join Date: Feb 2007
Location: South Dakota
Posts: 24,339
Default Re: Account login Security change

Quote:
Originally Posted by c0rr0sive View Post
Hope you understand SSL just keeps people from peeking into a connection, also lets you know if someone has hijacked a domain, doesn't keep them from breaking into a computer system nor network. That aside, traditional network based blocking doesn't properly work with SSL and blocking malicious adverts or even files that are loaded on a secure website, unless you want to buy a NGFW that does DPI and can decide things on its own.

SSL gives a false sense of security, remember that.
I wouldn't go as far as saying that - SSL is still encryption in transit, which is only half of the puzzle as you also want encryption at rest.
__________________

__________________
Laptop: MSI GT70 2OC-059us | i7-4700MQ | 16GB | GTX 770m | 500GB SSD / 750GB HDD | 17.3" | Win10 Pro
Desktop: 4690k | 12GB g.Skill RipJaws | GTX 970 | 520hx | Z87X-UD4H | Corsair Vengeance C70 | Corsair H110 | Acer 25" | Acer 22" | Win10
Mobile: Samsung Galaxy Note 5


If I help you, or you just like what I said, rep me by clicking the under my post
carnageX is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Change windows 7 login screen. luke127 Microsoft Windows and Software 4 05-27-2012 02:47 AM
Gmail Security Checklist, Improve Login Security Osiris Tips, Tricks & Tutorials 0 10-11-2010 07:31 AM
Yubico USB Key Provides Extra Login Protection [Security] Osiris Tips, Tricks & Tutorials 0 01-12-2010 07:16 AM
Can i change my Factory Restore to what i want. (change the OS and software)? pickyantivirus Microsoft Windows and Software 3 09-05-2009 04:22 PM


Our Communities

Our communities encompass many different hobbies and interests, but each one is built on friendly, intelligent membership.

» More about our Communities

Automotive Communities

Our Automotive communities encompass many different makes and models. From U.S. domestics to European Saloons.

» More about our Automotive Communities

Marine Communities

Our Marine websites focus on Cruising and Sailing Vessels, including forums and the largest cruising Wiki project on the web today.

» More about our Marine Communities


Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 07:44 AM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.