Jump to content

HTTPS is going to come in as default


Recommended Posts

It appears that Apple and Google are pushing https as the default service for logins for services. As a result a lot of forums and websites are going to have to update. (source: https://blog.tapatalk.com/2017-the-year-of-https/ )

 

I've generated us a certificate and installed it, I've enabled SSL and it should work for everything. Please give it a go and let me know, you can find things at https://arniesairsoft.co.uk/forums .  Once it's been tested for a bit I'll move it to be the default for us all and enable it for Tapatalk as well.

  • Like 5
Link to post
Share on other sites
  • 2 weeks later...

What does this mean for the non tech savvy troglodytes amongst us?

 

HTTPS is essentially a cool piece of tech which allows for better overall security by encrypting the connection between you and the website host. An "SSL Certificate" is assigned to the website by a certification authority (like google) which essentially says "If you can access this website over https, you know it's the correct website" - because without that certificate there's no quick proof it's them. Without a certificate, I could redirect you to a page I built to look like the one you meant to access. That's bad because you might share sensitive info trying to login etc.

 

The certificate holds a "public key" which matches up against the "private key" the CA holds; this allows the CA to verify the site.

 

Standard ISP logs don't catch the specific pages you're trying to access i.e. https://alexsporndungeon.com/bin/etc/goatporn/reallynastygoatporn.mp4 but instead just https://alexsporndungeon.com which in hindsight gives the game away anyway.

 

It's good stuff all round!

Edited by DrAlexanderTobacco
Link to post
Share on other sites
  • 1 year later...
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use and the use of session cookies.