Page 1 of 1

HTTPS is a safety must-have for forums

Posted: April 13th, 2018, 5:34 pm
by AMDphreak_
MZ does not implement HTTPS. This community would benefit from having a more secure login experience. It is expected for any website that accepts credentials to require SSL encryption at this point.

Re: HTTPS is a safety must-have for forums

Posted: April 13th, 2018, 11:38 pm
by Brummelchen
already solved, more or less, this question is not new
http://forums.mozillazine.org/viewtopic ... &t=3028083

Re: HTTPS is a safety must-have for forums

Posted: April 14th, 2018, 4:29 am
by Lurtz
It may not be new, but it is more pressing than ever. It is ironic that a site that handles Mozilla topics, one of the propagators of HTTPS, doesn't implement it.

The web is moving to full encryption. There's not excuse not to encrypt.

Re: HTTPS is a safety must-have for forums

Posted: April 14th, 2018, 12:00 pm
by DanRaisch
These forums are maintained by an individual with limited funds and limited time. Just how much critical private information do you feel you have stored on these forums that would be at risk if someone sought to access it? While the web may be moving to full encryption, priority should be given to sites which store private, personal information, which is not really a valid description of the information you were asked for to register on the forums.

Re: HTTPS is a safety must-have for forums

Posted: April 14th, 2018, 1:20 pm
by Lurtz
I think we are past the priority stage, the trend to full encryption is almost finished, with over 70% of web traffic on Desktop already being encrypted. It's not even primarily about personal information anymore.

Let's Encrypt offers free certificates.

Re: HTTPS is a safety must-have for forums

Posted: April 14th, 2018, 1:23 pm
by James
I imagine kerz could make use of https://letsencrypt.org/ if he really wanted to however past attempts to use mods or do changes did not always go well.

Re: HTTPS is a safety must-have for forums

Posted: April 17th, 2018, 8:00 am
by akwala
Lurtz wrote:I think we are past the priority stage, the trend to full encryption is almost finished, with over 70% of web traffic on Desktop already being encrypted. It's not even primarily about personal information anymore.

Let's Encrypt offers free certificates.
+1

Ironic

Posted: May 30th, 2018, 4:20 pm
by fsckDsk
This forum is about a privacy browser yet does not support secure HTTPS.
That's ironic!

Re: Ironic

Posted: May 30th, 2018, 4:30 pm
by Frank Lion
fsckDsk wrote:This forum is about a privacy browser
First I've heard of it.

You been reading mozilla's meaningless mission missives or something?

Re: Ironic

Posted: May 30th, 2018, 10:29 pm
by James
fsckDsk wrote:This forum is about a privacy browser yet does not support secure HTTPS.
That's ironic!
This forum is independent and not a part of nor is it run by Mozilla. This forum is not only for desktop Firefox but also for support on a number of other things as you can see on the forum index http://forums.mozillazine.org/

It is up to the owner/admin if he wants to do this (major forum changes here has not always went well, like with database issues) when he has time with his busy job at Google and with life.

This is not a online store or a bank site or such.

Re: HTTPS is a safety must-have for forums

Posted: May 31st, 2018, 2:25 am
by Brummelchen
Mozilla/5.0 (Linux; Android 4.4.2; de-de; SAMSUNG SM-N9005 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko) Version/1.5 Chrome/28.0.1500.94 Mobile Safari/537.36
is this your used Android OS and browser? i am pretty sure this combination has more flaws and issues than this forum not available with ssl ;)
if faked, ofc has also not much advantages.

Re: HTTPS is a safety must-have for forums

Posted: June 4th, 2018, 5:15 pm
by Scarlettrunner20
Why is encryption of forums a "safety must have"? I have TERRIBLE problems with all these now encrypted websites that have absolutely zero need to encrypt.

I've been coming here since 2003 and I have never experienced any safety issues here due to non encryption of the forums, but I sure have been blocked by Fx at certain sites which worked fine NON-encrypted but encrypted recently and now cannot be reached. At least my home site allows us to use it NON encrypted if we wish and I have set that in my preferences there.

To me, it is a safety issue for bank sites and a few others but the race to encrypt the entire internet is a race to keep users from being anon if they wish.