Page 2 of 5 FirstFirst 1234 ... LastLast
Results 11 to 20 of 44

Thread: Ubuntuforums.org SSL Security

  1. #11
    Join Date
    Oct 2006
    Beans
    4,624
    Distro
    Kubuntu 15.10 Wily Werewolf

    Re: Ubuntuforums.org SSL Security

    Quote Originally Posted by LaRoza View Post
    True. However, I do feel that using untrusted computers is by itself a fail. The average (I think) poster is using a home computer, a friend/family computer or a work/school computer.

    If one feels that the computer being used isn't secure enough to use the forum, then I question using that computer.
    I will never log onto this site or any other site that doesn't use encryption from school because I can almost guarantee there's many packet sniffers running for various assignments and such. That is why I have thought of this same idea and I would think just encrypting the exchange of username and password would be enough.
    Quote Originally Posted by LaRoza View Post

    I don't think Ubuntuforums is a worthy enough target or anyone but the admins accounts.
    I know there are people out there that would steal a password just for the sake of stealing a password.
    Blog | Ubuntu User #15350 | Zsh FTW | Ubuntu Security | Nothing to hide?
    AMD Phenom II X6 1075T @ 3GHz, Nvidia GTX 650, 8GB DDR3 RAM, 2 X 1TB, 1 X 3TB HDD
    Please don't request support via PM


  2. #12
    Join Date
    Oct 2007
    Location
    Denmark
    Beans
    658

    Re: Ubuntuforums.org SSL Security

    I'm not sure I'm getting this? This is not Internet banking or anything, so why the extra need for protection? I have no personal data at these forums that anyone could possible want. Even if they did steal my password, they could not really use it for very much, other than to make me look like a fool (and I do a fine enough job at that myself already, thank you very much).

  3. #13
    Join Date
    Apr 2007
    Beans
    14,781

    Re: Ubuntuforums.org SSL Security

    Quote Originally Posted by rune0077 View Post
    I'm not sure I'm getting this? This is not Internet banking or anything, so why the extra need for protection? I have no personal data at these forums that anyone could possible want. Even if they did steal my password, they could not really use it for very much, other than to make me look like a fool (and I do a fine enough job at that myself already, thank you very much).
    And it would be trivial to change your password, and to undo whatever was done.

    To date, I think there was one possible case of this happening.

  4. #14
    Join Date
    Nov 2006
    Location
    Southern California, USA
    Beans
    15
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Ubuntuforums.org SSL Security

    Quote Originally Posted by rune0077 View Post
    ...I have no personal data at these forums that anyone could possible want. Even if they did steal my password, they could not really use it for very much...
    Again... this is not just about a forum account, fellas.

    If you follow best practice, then I'm sure you have unique passwords for every online account you own, and that your forum password is nothing at all related to any of your other accounts. Fantastic... no problem.

    But the truth is, many of our community members will reuse their passwords for many of the other sites and computers they access. Their forum profile is likely not a target, but one's banking or email account might be.

    Is this Canonicals fault? Heck no. But, if it's within someone's power to make a simple difference without much of a cost, then why not? It's one less thing people have to worry about, and it makes you feel fuzzy.

    The suggestion is meant to simply help the community, even if they don't know they need it.

  5. #15
    Join Date
    Apr 2007
    Beans
    14,781

    Re: Ubuntuforums.org SSL Security

    Quote Originally Posted by gmendoza View Post
    If you follow best practice, then I'm sure you have unique passwords for every online account you own, and that your forum password is nothing at all related to any of your other accounts. Fantastic... no problem.

    But the truth is, many of our community members will reuse their passwords for many of the other sites and computers they access. Their forum profile is likely not a target, but one's banking or email account might be.
    I admit it, I do not have unique passwords for everything, however, my forum account password is actually very weak. The reason it is weak is because the risk analysis came out that this password wouldn't be important. (When I became a mod, I made the password stronger, but it is still weaker than my typical passwords)

  6. #16
    Join Date
    Oct 2007
    Location
    Denmark
    Beans
    658

    Re: Ubuntuforums.org SSL Security

    Quote Originally Posted by gmendoza View Post
    Again... this is not just about a forum account, fellas.

    If you follow best practice, then I'm sure you have unique passwords for every online account you own, and that your forum password is nothing at all related to any of your other accounts. Fantastic... no problem.

    But the truth is, many of our community members will reuse their passwords for many of the other sites and computers they access. Their forum profile is likely not a target, but one's banking or email account might be.

    Is this Canonicals fault? Heck no. But, if it's within someone's power to make a simple difference without much of a cost, then why not? It's one less thing people have to worry about, and it makes you feel fuzzy.

    The suggestion is meant to simply help the community, even if they don't know they need it.
    I keep the exact same password for various social/productive/fun accounts, sure, but I have seperate unique passwords for anything that involves money or private data (like gmail).

    The best way for people to remember to lock their doors, is for them to have a break-in Some people have to learn the hard way, as the saying go.

    But okay, added security is never a bad thing if it can be implemented, so I won't complain of course. If it can't, it won't keep me awake at night, though.

  7. #17
    Join Date
    May 2007
    Beans
    7,032
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: Ubuntuforums.org SSL Security

    It's certainly true that the connection is not secure, and anyone with their wits about them would be able to sniff login data for these forums pretty easily. But, there's really nothing all that valuable to be gained from those, and the people who steal passwords "just because" aren't the same as the people who set up personal data mining operations.

    For those who'd prefer not to have to worry about untrusted networks at all, there's always ssh tunneling.
    I am aware of all internet traditions. | Getting the best help | Text formatting codes | My last.fm profile
    Should I PM support questions? NO!

  8. #18
    Join Date
    Jun 2006
    Location
    Switzerland
    Beans
    Hidden!
    Distro
    Kubuntu Jaunty Jackalope (testing)

    Re: Ubuntuforums.org SSL Security

    Well, if you use the same passwords on social sites as for your online banking then you ask for problems right away.

    Instead of protecting users from all the hazards in the world, the users should start protecting themselves... why do we have a brain to think? Definitively not for being spoon-fed all the time.

  9. #19
    Join Date
    Mar 2007
    Location
    Denver, CO
    Beans
    7,705
    Distro
    Ubuntu Mate 16.04 Xenial Xerus

    Re: Ubuntuforums.org SSL Security

    Crap

    I just found out another user has been masquerading as KevDog for months. I hope this doesn't mean black beans for me! Gotta stop using the public wifi connection!

  10. #20
    Join Date
    Apr 2007
    Beans
    14,781

    Re: Ubuntuforums.org SSL Security

    Quote Originally Posted by kevdog View Post
    Crap

    I just found out another user has been masquerading as KevDog for months. I hope this doesn't mean black beans for me! Gotta stop using the public wifi connection!
    Really? Change your password if that is the case.

Page 2 of 5 FirstFirst 1234 ... LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •